Produced by Araxis Merge on 9/25/2018 2:13:10 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\java\security | SecureRandom.java | Mon Jan 22 14:46:52 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\java\security | SecureRandom.java | Wed Sep 12 17:12:28 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 2 | 1374 |
Changed | 1 | 2 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 199 6, 2013, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package ja va.securit y; | |
27 | ||
28 | import jav a.util.*; | |
29 | import jav a.util.reg ex.*; | |
30 | ||
31 | import jav a.security .Provider. Service; | |
32 | ||
33 | import sun .security. jca.*; | |
34 | import sun .security. jca.GetIns tance.Inst ance; | |
35 | import sun .security. util.Debug ; | |
36 | ||
37 | /** | |
38 | * This cl ass provid es a crypt ographical ly strong random num ber | |
39 | * generat or (RNG). | |
40 | * | |
41 | * <p>A cr yptographi cally stro ng random number | |
42 | * minimal ly complie s with the statistic al random number gen erator tes ts | |
43 | * specifi ed in <a h ref="http: //csrc.nis t.gov/cryp tval/140-2 .htm"> | |
44 | * <i>FIPS 140-2, Se curity Req uirements for Crypto graphic Mo dules</i>< /a>, | |
45 | * section 4.9.1. | |
46 | * Additio nally, Sec ureRandom must produ ce non-det erministic output. | |
47 | * Therefo re any see d material passed to a SecureR andom obje ct must be | |
48 | * unpredi ctable, an d all Secu reRandom o utput sequ ences must be | |
49 | * cryptog raphically strong, a s describe d in | |
50 | * <a href ="http://w ww.ietf.or g/rfc/rfc1 750.txt"> | |
51 | * <i>RFC 1750: Rand omness Rec ommendatio ns for Sec urity</i>< /a>. | |
52 | * | |
53 | * <p>A ca ller obtai ns a Secur eRandom in stance via the | |
54 | * no-argu ment const ructor or one of the {@code ge tInstance} methods: | |
55 | * | |
56 | * <pre> | |
57 | * Se cureRandom random = new Secure Random(); | |
58 | * </pre> | |
59 | * | |
60 | * <p> Man y SecureRa ndom imple mentations are in th e form of a pseudo-r andom | |
61 | * number generator (PRNG), wh ich means they use a determini stic algor ithm | |
62 | * to prod uce a pseu do-random sequence f rom a true random se ed. | |
63 | * Other i mplementat ions may p roduce tru e random n umbers, | |
64 | * and yet others ma y use a co mbination of both te chniques. | |
65 | * | |
66 | * <p> Typ ical calle rs of Secu reRandom i nvoke the following methods | |
67 | * to retr ieve rando m bytes: | |
68 | * | |
69 | * <pre> | |
70 | * Se cureRandom random = new Secure Random(); | |
71 | * by te bytes[] = new byt e[20]; | |
72 | * ra ndom.nextB ytes(bytes ); | |
73 | * </pre> | |
74 | * | |
75 | * <p> Cal lers may a lso invoke the {@cod e generate Seed} meth od | |
76 | * to gene rate a giv en number of seed by tes (to se ed other r andom numb er | |
77 | * generat ors, for e xample): | |
78 | * <pre> | |
79 | * by te seed[] = random.g enerateSee d(20); | |
80 | * </pre> | |
81 | * | |
82 | * Note: D epending o n the impl ementation , the {@co de generat eSeed} and | |
83 | * {@code nextBytes} methods m ay block a s entropy is being g athered, | |
84 | * for exa mple, if t hey need t o read fro m /dev/ran dom on var ious Unix- like | |
85 | * operati ng systems . | |
86 | * | |
87 | * @see ja va.securit y.SecureRa ndomSpi | |
88 | * @see ja va.util.Ra ndom | |
89 | * | |
90 | * @author Benjamin Renaud | |
91 | * @author Josh Bloc h | |
92 | */ | |
93 | ||
94 | public cla ss SecureR andom exte nds java.u til.Random { | |
95 | ||
96 | privat e static f inal Debug pdebug = | |
97 | Debug. getInstanc e("provide r", "Provi der"); | |
98 | privat e static f inal boole an skipDeb ug = | |
99 | De bug.isOn(" engine=") && !Debug. isOn("secu rerandom") ; | |
100 | ||
101 | /** | |
102 | * The provider. | |
103 | * | |
104 | * @se rial | |
105 | * @si nce 1.2 | |
106 | */ | |
107 | privat e Provider provider = null; | |
108 | ||
109 | /** | |
110 | * The provider implementa tion. | |
111 | * | |
112 | * @se rial | |
113 | * @si nce 1.2 | |
114 | */ | |
115 | privat e SecureRa ndomSpi se cureRandom Spi = null ; | |
116 | ||
117 | /* | |
118 | * The algorithm name of n ull if unk nown. | |
119 | * | |
120 | * @se rial | |
121 | * @si nce 1.5 | |
122 | */ | |
123 | privat e String a lgorithm; | |
124 | ||
125 | // See d Generato r | |
126 | privat e static v olatile Se cureRandom seedGener ator = nul l; | |
127 | ||
128 | /** | |
129 | * Con structs a secure ran dom number generator (RNG) imp lementing the | |
130 | * def ault rando m number a lgorithm. | |
131 | * | |
132 | * <p> This cons tructor tr averses th e list of registered security Providers, | |
133 | * sta rting with the most preferred Provider. | |
134 | * A n ew SecureR andom obje ct encapsu lating the | |
135 | * Sec ureRandomS pi impleme ntation fr om the fir st | |
136 | * Pro vider that supports a SecureRa ndom (RNG) algorithm is return ed. | |
137 | * If none of th e Provider s support a RNG algo rithm, | |
138 | * the n an imple mentation- specific d efault is returned. | |
139 | * | |
140 | * <p> Note that the list of registe red provid ers may be retrieved via | |
141 | * the {@link Se curity#get Providers( ) Security .getProvid ers()} met hod. | |
142 | * | |
143 | * <p> See the S ecureRando m section in the <a href= | |
144 | * "{@ docRoot}/. ./technote s/guides/s ecurity/St andardName s.html#Sec ureRandom" > | |
145 | * Jav a Cryptogr aphy Archi tecture St andard Alg orithm Nam e Document ation</a> | |
146 | * for informati on about s tandard RN G algorith m names. | |
147 | * | |
148 | * <p> The retur ned Secure Random obj ect has no t been see ded. To s eed the | |
149 | * ret urned obje ct, call t he {@code setSeed} m ethod. | |
150 | * If {@code set Seed} is n ot called, the first call to | |
151 | * {@c ode nextBy tes} will force the SecureRand om object to seed it self. | |
152 | * Thi s self-see ding will not occur if {@code setSeed} w as | |
153 | * pre viously ca lled. | |
154 | */ | |
155 | public SecureRan dom() { | |
156 | /* | |
157 | * This call to our su perclass c onstructor will resu lt in a ca ll | |
158 | * to our ow n {@code s etSeed} me thod, whic h will ret urn | |
159 | * immediate ly when it is passed zero. | |
160 | * / | |
161 | su per(0); | |
162 | ge tDefaultPR NG(false, null); | |
163 | } | |
164 | ||
165 | /** | |
166 | * Con structs a secure ran dom number generator (RNG) imp lementing the | |
167 | * def ault rando m number a lgorithm. | |
168 | * The SecureRan dom instan ce is seed ed with th e specifie d seed byt es. | |
169 | * | |
170 | * <p> This cons tructor tr averses th e list of registered security Providers, | |
171 | * sta rting with the most preferred Provider. | |
172 | * A n ew SecureR andom obje ct encapsu lating the | |
173 | * Sec ureRandomS pi impleme ntation fr om the fir st | |
174 | * Pro vider that supports a SecureRa ndom (RNG) algorithm is return ed. | |
175 | * If none of th e Provider s support a RNG algo rithm, | |
176 | * the n an imple mentation- specific d efault is returned. | |
177 | * | |
178 | * <p> Note that the list of registe red provid ers may be retrieved via | |
179 | * the {@link Se curity#get Providers( ) Security .getProvid ers()} met hod. | |
180 | * | |
181 | * <p> See the S ecureRando m section in the <a href= | |
182 | * "{@ docRoot}/. ./technote s/guides/s ecurity/St andardName s.html#Sec ureRandom" > | |
183 | * Jav a Cryptogr aphy Archi tecture St andard Alg orithm Nam e Document ation</a> | |
184 | * for informati on about s tandard RN G algorith m names. | |
185 | * | |
186 | * @pa ram seed t he seed. | |
187 | */ | |
188 | public SecureRan dom(byte s eed[]) { | |
189 | su per(0); | |
190 | ge tDefaultPR NG(true, s eed); | |
191 | } | |
192 | ||
193 | privat e void get DefaultPRN G(boolean setSeed, b yte[] seed ) { | |
194 | St ring prng = getPrngA lgorithm() ; | |
195 | if (prng == null) { | |
196 | // bumme r, get the SUN imple mentation | |
197 | prng = " SHA1PRNG"; | |
198 | this.sec ureRandomS pi = new s un.securit y.provider .SecureRan dom(); | |
199 | this.pro vider = Pr oviders.ge tSunProvid er(); | |
200 | if (setS eed) { | |
201 | this .secureRan domSpi.eng ineSetSeed (seed); | |
202 | } | |
203 | } else { | |
204 | try { | |
205 | Secu reRandom r andom = Se cureRandom .getInstan ce(prng); | |
206 | this .secureRan domSpi = r andom.getS ecureRando mSpi(); | |
207 | this .provider = random.g etProvider (); | |
208 | if ( setSeed) { | |
209 | this.secur eRandomSpi .engineSet Seed(seed) ; | |
210 | } | |
211 | } catch (NoSuchAlg orithmExce ption nsae ) { | |
212 | // n ever happe ns, becaus e we made sure the a lgorithm e xists | |
213 | thro w new Runt imeExcepti on(nsae); | |
214 | } | |
215 | } | |
216 | // JDK 1.1 b ased imple mentations subclass SecureRand om instead of | |
217 | // SecureRan domSpi. Th ey will al so go thro ugh this c ode path b ecause | |
218 | // they must call a Se cureRandom construct or as it i s their su perclass. | |
219 | // If we are dealing w ith such a n implemen tation, do not set t he | |
220 | // algorithm value as it would b e inaccura te. | |
221 | if (getClass () == Secu reRandom.c lass) { | |
222 | this.alg orithm = p rng; | |
223 | } | |
224 | } | |
225 | ||
226 | /** | |
227 | * Cre ates a Sec ureRandom object. | |
228 | * | |
229 | * @pa ram secure RandomSpi the Secure Random imp lementatio n. | |
230 | * @pa ram provid er the pro vider. | |
231 | */ | |
232 | protec ted Secure Random(Sec ureRandomS pi secureR andomSpi, | |
233 | Pro vider prov ider) { | |
234 | th is(secureR andomSpi, provider, null); | |
235 | } | |
236 | ||
237 | privat e SecureRa ndom(Secur eRandomSpi secureRan domSpi, Pr ovider pro vider, | |
238 | String a lgorithm) { | |
239 | su per(0); | |
240 | th is.secureR andomSpi = secureRan domSpi; | |
241 | th is.provide r = provid er; | |
242 | th is.algorit hm = algor ithm; | |
243 | ||
244 | if (!skipDeb ug && pdeb ug != null ) { | |
245 | pdebug.p rintln("Se cureRandom ." + algor ithm + | |
246 | " al gorithm fr om: " + th is.provide r.getName( )); | |
247 | } | |
248 | } | |
249 | ||
250 | /** | |
251 | * Ret urns a Sec ureRandom object tha t implemen ts the spe cified | |
252 | * Ran dom Number Generator (RNG) alg orithm. | |
253 | * | |
254 | * <p> This meth od travers es the lis t of regis tered secu rity Provi ders, | |
255 | * sta rting with the most preferred Provider. | |
256 | * A n ew SecureR andom obje ct encapsu lating the | |
257 | * Sec ureRandomS pi impleme ntation fr om the fir st | |
258 | * Pro vider that supports the specif ied algori thm is ret urned. | |
259 | * | |
260 | * <p> Note that the list of registe red provid ers may be retrieved via | |
261 | * the {@link Se curity#get Providers( ) Security .getProvid ers()} met hod. | |
262 | * | |
263 | * <p> The retur ned Secure Random obj ect has no t been see ded. To s eed the | |
264 | * ret urned obje ct, call t he {@code setSeed} m ethod. | |
265 | * If {@code set Seed} is n ot called, the first call to | |
266 | * {@c ode nextBy tes} will force the SecureRand om object to seed it self. | |
267 | * Thi s self-see ding will not occur if {@code setSeed} w as | |
268 | * pre viously ca lled. | |
269 | * | |
270 | * @pa ram algori thm the na me of the RNG algori thm. | |
271 | * See the Secur eRandom se ction in t he <a href = | |
272 | * "{@ docRoot}/. ./technote s/guides/s ecurity/St andardName s.html#Sec ureRandom" > | |
273 | * Jav a Cryptogr aphy Archi tecture St andard Alg orithm Nam e Document ation</a> | |
274 | * for informati on about s tandard RN G algorith m names. | |
275 | * | |
276 | * @re turn the n ew SecureR andom obje ct. | |
277 | * | |
278 | * @ex ception No SuchAlgori thmExcepti on if no P rovider su pports a | |
279 | * Secu reRandomSp i implemen tation for the | |
280 | * spec ified algo rithm. | |
281 | * | |
282 | * @se e Provider | |
283 | * | |
284 | * @si nce 1.2 | |
285 | */ | |
286 | public static Se cureRandom getInstan ce(String algorithm) | |
287 | throws N oSuchAlgor ithmExcept ion { | |
288 | In stance ins tance = Ge tInstance. getInstanc e("SecureR andom", | |
289 | SecureRa ndomSpi.cl ass, algor ithm); | |
290 | re turn new S ecureRando m((SecureR andomSpi)i nstance.im pl, | |
291 | instance .provider, algorithm ); | |
292 | } | |
293 | ||
294 | /** | |
295 | * Ret urns a Sec ureRandom object tha t implemen ts the spe cified | |
296 | * Ran dom Number Generator (RNG) alg orithm. | |
297 | * | |
298 | * <p> A new Sec ureRandom object enc apsulating the | |
299 | * Sec ureRandomS pi impleme ntation fr om the spe cified pro vider | |
300 | * is returned. The speci fied provi der must b e register ed | |
301 | * in the securi ty provide r list. | |
302 | * | |
303 | * <p> Note that the list of registe red provid ers may be retrieved via | |
304 | * the {@link Se curity#get Providers( ) Security .getProvid ers()} met hod. | |
305 | * | |
306 | * <p> The retur ned Secure Random obj ect has no t been see ded. To s eed the | |
307 | * ret urned obje ct, call t he {@code setSeed} m ethod. | |
308 | * If {@code set Seed} is n ot called, the first call to | |
309 | * {@c ode nextBy tes} will force the SecureRand om object to seed it self. | |
310 | * Thi s self-see ding will not occur if {@code setSeed} w as | |
311 | * pre viously ca lled. | |
312 | * | |
313 | * @pa ram algori thm the na me of the RNG algori thm. | |
314 | * See the Secur eRandom se ction in t he <a href = | |
315 | * "{@ docRoot}/. ./technote s/guides/s ecurity/St andardName s.html#Sec ureRandom" > | |
316 | * Jav a Cryptogr aphy Archi tecture St andard Alg orithm Nam e Document ation</a> | |
317 | * for informati on about s tandard RN G algorith m names. | |
318 | * | |
319 | * @pa ram provid er the nam e of the p rovider. | |
320 | * | |
321 | * @re turn the n ew SecureR andom obje ct. | |
322 | * | |
323 | * @ex ception No SuchAlgori thmExcepti on if a Se cureRandom Spi | |
324 | * impl ementation for the s pecified a lgorithm i s not | |
325 | * avai lable from the speci fied provi der. | |
326 | * | |
327 | * @ex ception No SuchProvid erExceptio n if the s pecified p rovider is not | |
328 | * regi stered in the securi ty provide r list. | |
329 | * | |
330 | * @ex ception Il legalArgum entExcepti on if the provider n ame is nul l | |
331 | * or e mpty. | |
332 | * | |
333 | * @se e Provider | |
334 | * | |
335 | * @si nce 1.2 | |
336 | */ | |
337 | public static Se cureRandom getInstan ce(String algorithm, String pr ovider) | |
338 | throws N oSuchAlgor ithmExcept ion, NoSuc hProviderE xception { | |
339 | In stance ins tance = Ge tInstance. getInstanc e("SecureR andom", | |
340 | SecureRa ndomSpi.cl ass, algor ithm, prov ider); | |
341 | re turn new S ecureRando m((SecureR andomSpi)i nstance.im pl, | |
342 | instance .provider, algorithm ); | |
343 | } | |
344 | ||
345 | /** | |
346 | * Ret urns a Sec ureRandom object tha t implemen ts the spe cified | |
347 | * Ran dom Number Generator (RNG) alg orithm. | |
348 | * | |
349 | * <p> A new Sec ureRandom object enc apsulating the | |
350 | * Sec ureRandomS pi impleme ntation fr om the spe cified Pro vider | |
351 | * obj ect is ret urned. No te that th e specifie d Provider object | |
352 | * doe s not have to be reg istered in the provi der list. | |
353 | * | |
354 | * <p> The retur ned Secure Random obj ect has no t been see ded. To s eed the | |
355 | * ret urned obje ct, call t he {@code setSeed} m ethod. | |
356 | * If {@code set Seed} is n ot called, the first call to | |
357 | * {@c ode nextBy tes} will force the SecureRand om object to seed it self. | |
358 | * Thi s self-see ding will not occur if {@code setSeed} w as | |
359 | * pre viously ca lled. | |
360 | * | |
361 | * @pa ram algori thm the na me of the RNG algori thm. | |
362 | * See the Secur eRandom se ction in t he <a href = | |
363 | * "{@ docRoot}/. ./technote s/guides/s ecurity/St andardName s.html#Sec ureRandom" > | |
364 | * Jav a Cryptogr aphy Archi tecture St andard Alg orithm Nam e Document ation</a> | |
365 | * for informati on about s tandard RN G algorith m names. | |
366 | * | |
367 | * @pa ram provid er the pro vider. | |
368 | * | |
369 | * @re turn the n ew SecureR andom obje ct. | |
370 | * | |
371 | * @ex ception No SuchAlgori thmExcepti on if a Se cureRandom Spi | |
372 | * impl ementation for the s pecified a lgorithm i s not avai lable | |
373 | * from the speci fied Provi der object . | |
374 | * | |
375 | * @ex ception Il legalArgum entExcepti on if the specified provider i s null. | |
376 | * | |
377 | * @se e Provider | |
378 | * | |
379 | * @si nce 1.4 | |
380 | */ | |
381 | public static Se cureRandom getInstan ce(String algorithm, | |
382 | Provider provider) throws No SuchAlgori thmExcepti on { | |
383 | In stance ins tance = Ge tInstance. getInstanc e("SecureR andom", | |
384 | SecureRa ndomSpi.cl ass, algor ithm, prov ider); | |
385 | re turn new S ecureRando m((SecureR andomSpi)i nstance.im pl, | |
386 | instance .provider, algorithm ); | |
387 | } | |
388 | ||
389 | /** | |
390 | * Ret urns the S ecureRando mSpi of th is SecureR andom obje ct. | |
391 | */ | |
392 | Secure RandomSpi getSecureR andomSpi() { | |
393 | re turn secur eRandomSpi ; | |
394 | } | |
395 | ||
396 | /** | |
397 | * Ret urns the p rovider of this Secu reRandom o bject. | |
398 | * | |
399 | * @re turn the p rovider of this Secu reRandom o bject. | |
400 | */ | |
401 | public final Pro vider getP rovider() { | |
402 | re turn provi der; | |
403 | } | |
404 | ||
405 | /** | |
406 | * Ret urns the n ame of the algorithm implement ed by this SecureRan dom | |
407 | * obj ect. | |
408 | * | |
409 | * @re turn the n ame of the algorithm or {@code unknown} | |
410 | * if t he algorit hm name ca nnot be de termined. | |
411 | * @si nce 1.5 | |
412 | */ | |
413 | public String ge tAlgorithm () { | |
414 | re turn (algo rithm != n ull) ? alg orithm : " unknown"; | |
415 | } | |
416 | ||
417 | /** | |
418 | * Res eeds this random obj ect. The g iven seed supplement s, rather than | |
419 | * rep laces, the existing seed. Thus , repeated calls are guarantee d | |
420 | * nev er to redu ce randomn ess. | |
421 | * | |
422 | * @pa ram seed t he seed. | |
423 | * | |
424 | * @se e #getSeed | |
425 | */ | |
426 | synchr onized pub lic void s etSeed(byt e[] seed) { | |
427 | se cureRandom Spi.engine SetSeed(se ed); | |
428 | } | |
429 | ||
430 | /** | |
431 | * Res eeds this random obj ect, using the eight bytes con tained | |
432 | * in the given {@code lon g seed}. T he given s eed supple ments, | |
433 | * rat her than r eplaces, t he existin g seed. Th us, repeat ed calls | |
434 | * are guarantee d never to reduce ra ndomness. | |
435 | * | |
436 | * <p> This metho d is defin ed for com patibility with | |
437 | * {@c ode java.u til.Random }. | |
438 | * | |
439 | * @pa ram seed t he seed. | |
440 | * | |
441 | * @se e #getSeed | |
442 | */ | |
443 | @Overr ide | |
444 | public void setS eed(long s eed) { | |
445 | /* | |
446 | * Ignore ca ll from su per constr uctor (as well as an y other ca lls | |
447 | * unfortuna te enough to be pass ing 0). I t's critic al that we | |
448 | * ignore ca ll from su perclass c onstructor , as diges t has not | |
449 | * yet been initialize d at that point. | |
450 | * / | |
451 | if (seed != 0) { | |
452 | secureRa ndomSpi.en gineSetSee d(longToBy teArray(se ed)); | |
453 | } | |
454 | } | |
455 | ||
456 | /** | |
457 | * Gen erates a u ser-specif ied number of random bytes. | |
458 | * | |
459 | * <p> If a call to {@code setSeed} had not oc curred pre viously, | |
460 | * the first cal l to this method for ces this S ecureRando m object | |
461 | * to seed itsel f. This s elf-seedin g will not occur if | |
462 | * {@c ode setSee d} was pre viously ca lled. | |
463 | * | |
464 | * @pa ram bytes the array to be fill ed in with random by tes. | |
465 | */ | |
466 | @Overr ide | |
467 | public void next Bytes(byte [] bytes) { | |
468 | se cureRandom Spi.engine NextBytes( bytes); | |
469 | } | |
470 | ||
471 | /** | |
472 | * Gen erates an integer co ntaining t he user-sp ecified nu mber of | |
473 | * pse udo-random bits (rig ht justifi ed, with l eading zer os). This | |
474 | * met hod overri des a {@co de java.ut il.Random} method, a nd serves | |
475 | * to provide a source of random bit s to all o f the meth ods inheri ted | |
476 | * fro m that cla ss (for ex ample, {@c ode nextIn t}, | |
477 | * {@c ode nextLo ng}, and { @code next Float}). | |
478 | * | |
479 | * @pa ram numBit s number o f pseudo-r andom bits to be gen erated, wh ere | |
480 | * {@c ode 0 <= n umBits <= 32}. | |
481 | * | |
482 | * @re turn an {@ code int} containing the user- specified number | |
483 | * of pseudo-ran dom bits ( right just ified, wit h leading zeros). | |
484 | */ | |
485 | @Overr ide | |
486 | final protected int next(i nt numBits ) { | |
487 | in t numBytes = (numBit s+7)/8; | |
488 | by te b[] = n ew byte[nu mBytes]; | |
489 | in t next = 0 ; | |
490 | ||
491 | ne xtBytes(b) ; | |
492 | fo r (int i = 0; i < nu mBytes; i+ +) { | |
493 | next = ( next << 8) + (b[i] & 0xFF); | |
494 | } | |
495 | ||
496 | re turn next >>> (numBy tes*8 - nu mBits); | |
497 | } | |
498 | ||
499 | /** | |
500 | * Ret urns the g iven numbe r of seed bytes, com puted usin g the seed | |
501 | * gen eration al gorithm th at this cl ass uses t o seed its elf. This | |
502 | * cal l may be u sed to see d other ra ndom numbe r generato rs. | |
503 | * | |
504 | * <p> This metho d is only included f or backwar ds compati bility. | |
505 | * The caller is encourage d to use o ne of the alternativ e | |
506 | * {@c ode getIns tance} met hods to ob tain a Sec ureRandom object, an d | |
507 | * the n call the {@code ge nerateSeed } method t o obtain s eed bytes | |
508 | * fro m that obj ect. | |
509 | * | |
510 | * @pa ram numByt es the num ber of see d bytes to generate. | |
511 | * | |
512 | * @re turn the s eed bytes. | |
513 | * | |
514 | * @se e #setSeed | |
515 | */ | |
516 | public static by te[] getSe ed(int num Bytes) { | |
517 | if (seedGene rator == n ull) { | |
518 | seedGene rator = ne w SecureRa ndom(); | |
519 | } | |
520 | re turn seedG enerator.g enerateSee d(numBytes ); | |
521 | } | |
522 | ||
523 | /** | |
524 | * Ret urns the g iven numbe r of seed bytes, com puted usin g the seed | |
525 | * gen eration al gorithm th at this cl ass uses t o seed its elf. This | |
526 | * cal l may be u sed to see d other ra ndom numbe r generato rs. | |
527 | * | |
528 | * @pa ram numByt es the num ber of see d bytes to generate. | |
529 | * | |
530 | * @re turn the s eed bytes. | |
531 | */ | |
532 | public byte[] ge nerateSeed (int numBy tes) { | |
533 | re turn secur eRandomSpi .engineGen erateSeed( numBytes); | |
534 | } | |
535 | ||
536 | /** | |
537 | * Hel per functi on to conv ert a long into a by te array ( least sign ificant | |
538 | * byt e first). | |
539 | */ | |
540 | privat e static b yte[] long ToByteArra y(long l) { | |
541 | by te[] retVa l = new by te[8]; | |
542 | ||
543 | fo r (int i = 0; i < 8; i++) { | |
544 | retVal[i ] = (byte) l; | |
545 | l >>= 8; | |
546 | } | |
547 | ||
548 | re turn retVa l; | |
549 | } | |
550 | ||
551 | /** | |
552 | * Get s a defaul t PRNG alg orithm by looking th rough all registered | |
553 | * pro viders. Re turns the first PRNG algorithm of the fi rst provid er that | |
554 | * has registere d a Secure Random imp lementatio n, or null if none o f the | |
555 | * reg istered pr oviders su pplies a S ecureRando m implemen tation. | |
556 | */ | |
557 | privat e static S tring getP rngAlgorit hm() { | |
558 | fo r (Provide r p : Prov iders.getP roviderLis t().provid ers()) { | |
559 | for (Ser vice s : p .getServic es()) { | |
560 | if ( s.getType( ).equals(" SecureRand om")) { | |
561 | return s.g etAlgorith m(); | |
562 | } | |
563 | } | |
564 | } | |
565 | re turn null; | |
566 | } | |
567 | ||
568 | /* | |
569 | * Laz ily initia lize since Pattern.c ompile() i s heavy. | |
570 | * Eff ective Jav a (2nd Edi tion), Ite m 71. | |
571 | */ | |
572 | privat e static f inal class StrongPat ternHolder { | |
573 | /* | |
574 | * Entries a re alg:pro v separate d by , | |
575 | * Allow for prepended /appended whitespace between e ntries. | |
576 | * | |
577 | * Capture g roups: | |
578 | * 1 - a lg | |
579 | * 2 - : prov (opti onal) | |
580 | * 3 - p rov (optio nal) | |
581 | * 4 - , nextEntry (optional) | |
582 | * 5 - n extEntry ( optional) | |
583 | * / | |
584 | pr ivate stat ic Pattern pattern = | |
585 | Pattern. compile( | |
586 | "\\s *([\\S&&[^ :,]]*)(\\: ([\\S&&[^, ]]*))?\\s* (\\,(.*))? "); | |
587 | } | |
588 | ||
589 | /** | |
590 | * Ret urns a {@c ode Secure Random} ob ject that was select ed by usin g | |
591 | * the algorithm s/provider s specifie d in the { @code | |
592 | * sec urerandom. strongAlgo rithms} {@ link Secur ity} prope rty. | |
593 | * <p> | |
594 | * Som e situatio ns require strong ra ndom value s, such as when | |
595 | * creating high-valu e/long-liv ed PW s like RSA public/pr ivate | |
596 | * key s. To hel p guide ap plications in select ing a suit able stron g | |
597 | * {@c ode Secure Random} im plementati on, Java d istributio ns | |
598 | * inc lude a lis t of known strong {@ code Secur eRandom} | |
599 | * imp lementatio ns in the {@code sec urerandom. strongAlgo rithms} | |
600 | * Sec urity prop erty. | |
601 | * <p> | |
602 | * Eve ry impleme ntation of the Java platform i s required to | |
603 | * sup port at le ast one st rong {@cod e SecureRa ndom} impl ementation . | |
604 | * | |
605 | * @re turn a str ong {@code SecureRan dom} imple mentation as indicat ed | |
606 | * by the {@code secureran dom.strong Algorithms } Security property | |
607 | * | |
608 | * @th rows NoSuc hAlgorithm Exception if no algo rithm is a vailable | |
609 | * | |
610 | * @se e Security #getProper ty(String) | |
611 | * | |
612 | * @si nce 1.8 | |
613 | */ | |
614 | public static Se cureRandom getInstan ceStrong() | |
615 | throws N oSuchAlgor ithmExcept ion { | |
616 | ||
617 | St ring prope rty = Acce ssControll er.doPrivi leged( | |
618 | new Priv ilegedActi on<String> () { | |
619 | @Ove rride | |
620 | publ ic String run() { | |
621 | return Sec urity.getP roperty( | |
622 | "secur erandom.st rongAlgori thms"); | |
623 | } | |
624 | }); | |
625 | ||
626 | if ((propert y == null) || (prope rty.length () == 0)) { | |
627 | throw ne w NoSuchAl gorithmExc eption( | |
628 | "Nul l/empty se curerandom .strongAlg orithms Se curity Pro perty"); | |
629 | } | |
630 | ||
631 | St ring remai nder = pro perty; | |
632 | wh ile (remai nder != nu ll) { | |
633 | Matcher m; | |
634 | if ((m = StrongPat ternHolder .pattern.m atcher( | |
635 | remainder) ).matches( )) { | |
636 | ||
637 | Stri ng alg = m .group(1); | |
638 | Stri ng prov = m.group(3) ; | |
639 | ||
640 | try { | |
641 | if (prov = = null) { | |
642 | return SecureRan dom.getIns tance(alg) ; | |
643 | } else { | |
644 | return SecureRan dom.getIns tance(alg, prov); | |
645 | } | |
646 | } ca tch (NoSuc hAlgorithm Exception | | |
647 | NoSuch ProviderEx ception e) { | |
648 | } | |
649 | rema inder = m. group(5); | |
650 | } else { | |
651 | rema inder = nu ll; | |
652 | } | |
653 | } | |
654 | ||
655 | th row new No SuchAlgori thmExcepti on( | |
656 | "No stro ng SecureR andom impl s availabl e: " + pro perty); | |
657 | } | |
658 | ||
659 | // Dec lare seria lVersionUI D to be co mpatible w ith JDK1.1 | |
660 | static final lon g serialVe rsionUID = 494067000 5562187L; | |
661 | ||
662 | // Ret ain unused values se rialized f rom JDK1.1 | |
663 | /** | |
664 | * @se rial | |
665 | */ | |
666 | privat e byte[] s tate; | |
667 | /** | |
668 | * @se rial | |
669 | */ | |
670 | privat e MessageD igest dige st = null; | |
671 | /** | |
672 | * @se rial | |
673 | * | |
674 | * We know that the Messag eDigest cl ass does n ot impleme nt | |
675 | * jav a.io.Seria lizable. However, s ince this field is n o longer | |
676 | * use d, it will always be NULL and won't affe ct the ser ialization | |
677 | * of the Secure Random cla ss itself. | |
678 | */ | |
679 | privat e byte[] r andomBytes ; | |
680 | /** | |
681 | * @se rial | |
682 | */ | |
683 | privat e int rand omBytesUse d; | |
684 | /** | |
685 | * @se rial | |
686 | */ | |
687 | privat e long cou nter; | |
688 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.