feat(wasm-host): JVM WASM host for TDF encrypt round-trip#338
feat(wasm-host): JVM WASM host for TDF encrypt round-trip#338pflynn-virtru wants to merge 2 commits intomainfrom
Conversation
Add a new wasm-host Maven module that loads the TinyGo-built TDF encrypt WASM binary via Chicory (pure-Java WASM runtime), provides host crypto functions using Java SDK classes, and validates that WASM-produced TDFs decrypt correctly. Three JUnit 5 tests: - HS256 round-trip: encrypt → parse ZIP → unwrap DEK → AES-GCM decrypt - GMAC round-trip: verify segment hash equals GCM auth tag, then decrypt - Error handling: invalid PEM returns error via get_error export Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Summary of ChangesHello @pflynn-virtru, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces a significant enhancement by integrating WebAssembly (WASM) capabilities into the JVM environment for TDF encryption. It establishes a robust framework for executing WASM binaries, specifically a TinyGo-built TDF encrypt module, directly within Java. This integration is crucial for validating the TDF encryption process across different platforms and ensures that the cryptographic operations performed by the WASM module are consistent and secure, utilizing the established Java SDK crypto primitives. Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a wasm-host module for end-to-end testing of TDF encryption via a WASM binary, with a well-structured implementation using Chicory and comprehensive tests. However, a medium-severity security vulnerability was identified: the WasmTdfTest.java file uses RSA-OAEP with SHA-1, a deprecated and insecure hash function. This exposes an underlying SDK dependency (AsymEncryption, AsymDecryption) hardcoded to this weak algorithm. It is recommended to update the core SDK to use a modern, secure hashing algorithm like SHA-256 for the OAEP padding scheme. Additionally, minor code quality improvements are suggested, such as refactoring SecureRandom instantiation, reducing host function definition duplication, and replacing magic numbers with named constants.
| new HostFunction( | ||
| "crypto", "rsa_oaep_sha1_encrypt", | ||
| FunctionType.of( | ||
| List.of(ValType.I32, ValType.I32, ValType.I32, ValType.I32, ValType.I32), | ||
| List.of(ValType.I32)), | ||
| (inst, args) -> { | ||
| try { | ||
| String pubPEM = inst.memory().readString((int) args[0], (int) args[1]); | ||
| byte[] pt = inst.memory().readBytes((int) args[2], (int) args[3]); | ||
| byte[] encrypted = new AsymEncryption(pubPEM).encrypt(pt); | ||
| inst.memory().write((int) args[4], encrypted); | ||
| return new long[]{encrypted.length}; | ||
| } catch (Exception e) { | ||
| lastError = e.getMessage(); | ||
| return new long[]{ERR_SENTINEL}; | ||
| } | ||
| }), |
There was a problem hiding this comment.
The host functions rsa_oaep_sha1_encrypt and rsa_oaep_sha1_decrypt rely on an underlying implementation (AsymEncryption/AsymDecryption) that uses RSA-OAEP with SHA-1. SHA-1 is a deprecated cryptographic hash function with known collision vulnerabilities and should not be used in new applications. The use of SHA-1 in the padding scheme weakens the overall security of the asymmetric encryption. It is recommended to upgrade the underlying SDK classes to use a stronger hash function, such as SHA-256, in the OAEP padding (e.g., RSA/ECB/OAEPWithSHA-256AndMGF1Padding).
| int outPtr = (int) args[0]; | ||
| int n = (int) args[1]; | ||
| byte[] bytes = new byte[n]; | ||
| new SecureRandom().nextBytes(bytes); |
There was a problem hiding this comment.
Creating a new SecureRandom instance on every call to this host function is inefficient, as SecureRandom instances can be expensive to initialize. It's recommended to create a single, static SecureRandom instance and reuse it, since it is thread-safe.
For example, you could add a static field to your test class:
private static final SecureRandom SECURE_RANDOM = new SecureRandom();And then change this line to:
SECURE_RANDOM.nextBytes(bytes);| try { | ||
| byte[] key = inst.memory().readBytes((int) args[0], (int) args[1]); | ||
| byte[] pt = inst.memory().readBytes((int) args[2], (int) args[3]); | ||
| AesGcm.Encrypted encrypted = new AesGcm(key).encrypt(pt); | ||
| byte[] result = encrypted.asBytes(); | ||
| inst.memory().write((int) args[4], result); | ||
| return new long[]{result.length}; | ||
| } catch (Exception e) { | ||
| lastError = e.getMessage(); | ||
| return new long[]{ERR_SENTINEL}; | ||
| } |
There was a problem hiding this comment.
The try-catch block for error handling is repeated in multiple host functions (aes_gcm_encrypt, aes_gcm_decrypt, hmac_sha256, etc.). This boilerplate code could be extracted into a helper method to reduce duplication and improve readability. The helper could accept a lambda expression for the core logic of each crypto operation and wrap it with the try-catch logic.
| int outCapacity = 1024 * 1024; | ||
| long outPtr = wasmMalloc(outCapacity); |
There was a problem hiding this comment.
The output capacity 1024 * 1024 is a magic number. This value is also used in testErrorHandlingInvalidPEM, and getWasmError uses another magic number 4096. It's recommended to define these as named constants at the top of the class to improve readability and maintainability. For example:
private static final int WASM_OUTPUT_BUFFER_CAPACITY = 1024 * 1024;
private static final int WASM_ERROR_BUFFER_SIZE = 4096;…ix landed Replace ZipFile (temp file + central directory) workaround with standard ZipInputStream, since opentdf/platform@7dd876e1 fixed the STORED entries with unnecessary data descriptors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
X-Test Failure Report |
|
X-Test Results✅ js-main |
1 participant
Summary
wasm-hostMaven module to thedevelopprofilecryptonamespace) using Java SDK classes (AesGcm,AsymEncryption,AsymDecryption,CryptoUtils)Notes
tdfcore.wasm) is gitignored and must be built fromopentdf/platformbefore running testsZipFileinstead ofZipInputStreamto parse TDF output due to upstream zipstream bug (STORED entries with unnecessary data descriptors) — tracked in WASM zipstream uses unnecessary data descriptors for STORED entries #337<module>entryTest plan
mvn test -pl wasm-host -Pdevelop -ampasses all 3 teststinygoor a pre-builttdfcore.wasmartifact to run🤖 Generated with Claude Code