[pitboss/grind] deferred session-0019 (20260522T043516Z-29b8)

tests/dynamic_fixtures/crypto/java/vuln.java

@@ -1,14 +1,24 @@
 // Phase 11 (Track J.9) — Java CRYPTO vuln fixture.
 //
-// Uses java.util.Random (a non-CSPRNG) to derive key bytes, producing
-// a key bounded inside a 16-bit search space.  The harness's
-// instrumented key-generation path writes a `ProbeKind::WeakKey`
-// probe; the `WeakKeyEntropy` oracle fires for `key_int < 2^16`.
+// Models a config-driven crypto endpoint that picks the RNG based on
+// the request payload — `*_WEAK` routes through `java.util.Random`
+// (a non-CSPRNG, seeded from the payload hash, returning a 16-bit
+// key) and `*_STRONG` routes through `java.security.SecureRandom`
+// (a CSPRNG, returning 32 bytes).  This shape is needed by the
+// differential runner: the vuln-payload attempt and the benign-
+// control attempt both load the same fixture, and only the payload-
+// routed weak branch trips the `WeakKeyEntropy` predicate.
 import java.util.Random;
+import java.security.SecureRandom;
 
 public class Vuln {
-    public static byte[] run(String seedTag) {
-        Random r = new Random(seedTag.hashCode());
+    public static byte[] run(String value) {
+        if (value != null && value.contains("STRONG")) {
+            byte[] key = new byte[32];
+            new SecureRandom().nextBytes(key);
+            return key;
+        }
+        Random r = new Random(value == null ? 0L : (long) value.hashCode());
         byte[] key = new byte[2];
         r.nextBytes(key);
         return key;