< prev index next >
src/java.base/share/classes/java/security/SecureRandomSpi.java
Print this page
rev 13987 : 8051408: NIST SP 800-90A SecureRandom implementations
*** 1,7 ****
/*
! * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 25,74 ****
package java.security;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
! * for the {@code SecureRandom} class.
* All the abstract methods in this class must be implemented by each
* service provider who wishes to supply the implementation
* of a cryptographically strong pseudo-random number generator.
*
*
- * @see SecureRandom
* @since 1.2
*/
public abstract class SecureRandomSpi implements java.io.Serializable {
private static final long serialVersionUID = -2991854161009191830L;
/**
! * Reseeds this random object. The given seed supplements, rather than
! * replaces, the existing seed. Thus, repeated calls are guaranteed
! * never to reduce randomness.
*
* @param seed the seed.
*/
protected abstract void engineSetSeed(byte[] seed);
/**
* Generates a user-specified number of random bytes.
*
- * <p> If a call to {@code engineSetSeed} had not occurred previously,
- * the first call to this method forces this SecureRandom implementation
- * to seed itself. This self-seeding will not occur if
- * {@code engineSetSeed} was previously called.
- *
* @param bytes the array to be filled in with random bytes.
*/
protected abstract void engineNextBytes(byte[] bytes);
/**
* Returns the given number of seed bytes. This call may be used to
* seed other random number generators.
*
* @param numBytes the number of seed bytes to generate.
*
* @return the seed bytes.
*/
protected abstract byte[] engineGenerateSeed(int numBytes);
}
--- 25,178 ----
package java.security;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
! * for the {@link SecureRandom} class.
! * <p>
* All the abstract methods in this class must be implemented by each
* service provider who wishes to supply the implementation
* of a cryptographically strong pseudo-random number generator.
*
+ * @implSpec
+ * If the {@link #SecureRandomSpi(SecureRandomInstantiateParameters)}
+ * constructor is overridden in an implementation, it will always be called
+ * whenever a {@code SecureRandom} is instantiated. Precisely, if an object is
+ * instantiated with one of {@code SecureRandom}'s {@code getInstance} methods
+ * <em>without</em> a {@link SecureRandomInstantiateParameters} parameter,
+ * the constructor will be called with a {@code null} argument and the
+ * implementation is responsible for creating its own
+ * {@code SecureRandomInstantiateParameters} parameter for use when
+ * {@link #engineGetParameters()} is called. If an object
+ * is instantiated with one of {@code SecureRandom}'s {@code getInstance}
+ * methods <em>with</em> a {@code SecureRandomInstantiateParameters} argument,
+ * the constructor will be called with that argument. The
+ * {@link #engineGetParameters()} method must not return {@code null}.
+ * <p>
+ * Otherwise, if the {@code SecureRandomSpi(SecureRandomInstantiateParameters)}
+ * constructor is not overridden in an implementation, the
+ * {@link #SecureRandomSpi()} constructor must be overridden and it will be
+ * called if an object is instantiated with one of {@code SecureRandom}'s
+ * {@code getInstance} methods <em>without</em> a
+ * {@code SecureRandomInstantiateParameters} argument. Calling one of
+ * {@code SecureRandom}'s {@code getInstance} methods <em>with</em>
+ * a {@code SecureRandomInstantiateParameters} argument will never
+ * return an instance of this implementation. The
+ * {@link #engineGetParameters()} method must return {@code null}.
*
* @since 1.2
*/
public abstract class SecureRandomSpi implements java.io.Serializable {
private static final long serialVersionUID = -2991854161009191830L;
/**
! * Constructor without a parameter.
! */
! public SecureRandomSpi() {
! // ignored
! }
!
! /**
! * Constructor with a parameter.
! *
! * @param params the {@link SecureRandomInstantiateParameters} object.
! * This argument can be {@code null}.
! * @throws IllegalArgumentException if {@code params} is
! * unrecognizable or unsupported by this {@code SecureRandom}
! *
! * @since 9
! */
! protected SecureRandomSpi(SecureRandomInstantiateParameters params) {
! // ignored
! }
!
! /**
! * Reseeds this random object with the given seed. The seed supplements,
! * rather than replaces, the existing seed. Thus, repeated calls
! * are guaranteed never to reduce randomness.
*
* @param seed the seed.
*/
protected abstract void engineSetSeed(byte[] seed);
/**
* Generates a user-specified number of random bytes.
*
* @param bytes the array to be filled in with random bytes.
*/
protected abstract void engineNextBytes(byte[] bytes);
/**
+ * Generates a user-specified number of random bytes with
+ * additional parameters.
+ *
+ * @implSpec The default implementation throws
+ * an {@link UnsupportedOperationException}.
+ *
+ * @param bytes the array to be filled in with random bytes
+ * @param params additional parameters
+ * @throws UnsupportedOperationException if the implementation
+ * has not overridden this method
+ * @throws IllegalArgumentException if {@code params} is {@code null},
+ * unrecognizable or unsupported by this {@code SecureRandom}
+ *
+ * @since 9
+ */
+ protected void engineNextBytes(
+ byte[] bytes, SecureRandomNextBytesParameters params) {
+ throw new UnsupportedOperationException("not supported");
+ }
+
+ /**
* Returns the given number of seed bytes. This call may be used to
* seed other random number generators.
*
* @param numBytes the number of seed bytes to generate.
*
* @return the seed bytes.
*/
protected abstract byte[] engineGenerateSeed(int numBytes);
+
+ /**
+ * Reseeds this random object with entropy input read from its
+ * entropy source with additional parameters.
+ * <p>
+ * If this method is called by {@link SecureRandom#reseed()},
+ * {@code params} will be {@code null}.
+ *
+ * @implSpec The default implementation throws
+ * an {@link UnsupportedOperationException}.
+ *
+ * @param params extra parameters, can be {@code null}.
+ * @throws UnsupportedOperationException if the implementation
+ * has not overridden this method
+ * @throws IllegalArgumentException if {@code params} is
+ * unrecognizable or unsupported by this {@code SecureRandom}
+ *
+ * @since 9
+ */
+ protected void engineReseed(SecureRandomReseedParameters params) {
+ throw new UnsupportedOperationException("not supported");
+ }
+
+ /**
+ * Returns the effective {@link SecureRandomInstantiateParameters}
+ * that is actually used to instantiate this {@code SecureRandom}.
+ *
+ * @implSpec The default implementation returns {@code null}.
+ *
+ * @return the parameters used in instantiation, or {@code null} if no
+ * parameters were used.
+ *
+ * @since 9
+ */
+ protected SecureRandomInstantiateParameters engineGetParameters() {
+ return null;
+ }
+
+ @Override
+ public String toString() {
+ return getClass().getSimpleName();
+ }
}
< prev index next >