|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.util.Random | +--java.security.SecureRandom
This class provides a cryptographically strong pseudo-random number generator (PRNG). A cryptographically strong pseudo-random number minimally complies with the statistical random number generator tests specified in FIPS 140-2, Security Requirements for Cryptographic Modules, section 4.9.1. Additionally, SecureRandom must produce non-deterministic output and therefore it is required that the seed material be unpredictable and that output of SecureRandom be cryptographically strong sequences as described in RFC 1750: Randomness Recommendations for Security.
Like other algorithm-based classes in Java Security, SecureRandom
provides implementation-independent algorithms, whereby a caller
(application code) requests a particular PRNG algorithm
and is handed back a SecureRandom object for that algorithm. It is
also possible, if desired, to request a particular algorithm from a
particular provider. See the getInstance
methods.
Thus, there are two ways to request a SecureRandom object: by specifying either just an algorithm name, or both an algorithm name and a package provider.
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");the system will determine if there is an implementation of the algorithm requested available in the environment, and if there is more than one, if there is a preferred one.
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");the system will determine if there is an implementation of the algorithm in the package requested, and throw an exception if there is not.
The SecureRandom implementation attempts to completely
randomize the internal state of the generator itself unless
the caller follows the call to a getInstance
method
with a call to the setSeed
method:
SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); random.setSeed(seed);
After the caller obtains the SecureRandom object from the
getInstance
call, it can call nextBytes
to generate random bytes:
byte bytes[] = new byte[20]; random.nextBytes(bytes);
The caller may also invoke the generateSeed
method
to generate a given number of seed bytes (to seed other random number
generators, for example):
byte seed[] = random.generateSeed(20);
SecureRandomSpi
,
Random
,
Serialized FormConstructor Summary | |
|
SecureRandom()
By using this constructor, the caller obtains a SecureRandom object containing the implementation from the highest-priority installed provider that has a SecureRandom implementation. |
|
SecureRandom(byte[] seed)
By using this constructor, the caller obtains a SecureRandom object containing the implementation from the highest-priority installed provider that has a SecureRandom implementation. |
protected |
SecureRandom(SecureRandomSpi secureRandomSpi,
Provider provider)
Creates a SecureRandom object. |
Method Summary | |
byte[] |
generateSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. |
static SecureRandom |
getInstance(String algorithm)
Generates a SecureRandom object that implements the specified Pseudo Random Number Generator (PRNG) algorithm. |
static SecureRandom |
getInstance(String algorithm,
Provider provider)
Generates a SecureRandom object for the specified PRNG algorithm, as supplied from the specified provider, if such a PRNG implementation is available from the provider. |
static SecureRandom |
getInstance(String algorithm,
String provider)
Generates a SecureRandom object for the specified PRNG algorithm, as supplied from the specified provider, if such a PRNG implementation is available from the provider. |
Provider |
getProvider()
Returns the provider of this SecureRandom object. |
static byte[] |
getSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. |
protected int |
next(int numBits)
Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros). |
void |
nextBytes(byte[] bytes)
Generates a user-specified number of random bytes. |
void |
setSeed(byte[] seed)
Reseeds this random object. |
void |
setSeed(long seed)
Reseeds this random object, using the eight bytes contained in the given long seed . |
Methods inherited from class java.util.Random |
nextBoolean, nextDouble, nextFloat, nextGaussian, nextInt, nextInt, nextLong |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public SecureRandom()
By using this constructor, the caller obtains a SecureRandom object containing the implementation from the highest-priority installed provider that has a SecureRandom implementation.
Note that this instance of SecureRandom has not been seeded.
A call to the setSeed
method will seed the SecureRandom
object. If a call is not made to setSeed
, the first call
to the nextBytes
method will force the SecureRandom object
to seed itself.
This constructor is provided for backwards compatibility.
The caller is encouraged to use one of the alternative
getInstance
methods to obtain a SecureRandom object.
public SecureRandom(byte[] seed)
By using this constructor, the caller obtains a SecureRandom object containing the implementation from the highest-priority installed provider that has a SecureRandom implementation. This constructor uses a user-provided seed in preference to the self-seeding algorithm referred to in the empty constructor description. It may be preferable to the empty constructor if the caller has access to high-quality random bytes from some physical device (for example, a radiation detector or a noisy diode).
This constructor is provided for backwards compatibility.
The caller is encouraged to use one of the alternative
getInstance
methods to obtain a SecureRandom object, and
then to call the setSeed
method to seed it.
seed
- the seed.protected SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider)
secureRandomSpi
- the SecureRandom implementation.provider
- the provider.Method Detail |
public static SecureRandom getInstance(String algorithm) throws NoSuchAlgorithmException
Note that the returned instance of SecureRandom has not been seeded.
A call to the setSeed
method will seed the SecureRandom
object. If a call is not made to setSeed
, the first call
to the nextBytes
method will force the SecureRandom object
to seed itself.
algorithm
- the name of the PRNG algorithm.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard PRNG algorithm names.
NoSuchAlgorithmException
- if the PRNG algorithm is
not available in the caller's environment.public static SecureRandom getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
Note that the returned instance of SecureRandom has not been seeded.
A call to the setSeed
method will seed the SecureRandom
object. If a call is not made to setSeed
, the first call
to the nextBytes
method will force the SecureRandom object
to seed itself.
algorithm
- the name of the PRNG algorithm.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard PRNG algorithm names.provider
- the name of the provider.
NoSuchAlgorithmException
- if the requested PRNG
implementation is not available from the provider.
NoSuchProviderException
- if the provider has not been
configured.
IllegalArgumentException
- if the provider name is null
or empty.Provider
public static SecureRandom getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
provider
doesn't have to be registered.
Note that the returned instance of SecureRandom has not been seeded.
A call to the setSeed
method will seed the SecureRandom
object. If a call is not made to setSeed
, the first call
to the nextBytes
method will force the SecureRandom object
to seed itself.
algorithm
- the name of the PRNG algorithm.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard PRNG algorithm names.provider
- the provider.
NoSuchAlgorithmException
- if the requested PRNG
implementation is not available from the provider.
IllegalArgumentException
- if the provider
is
null.Provider
public final Provider getProvider()
public void setSeed(byte[] seed)
seed
- the seed.getSeed(int)
public void setSeed(long seed)
long seed
. The given seed supplements,
rather than replaces, the existing seed. Thus, repeated calls
are guaranteed never to reduce randomness.
This method is defined for compatibility with
java.util.Random
.
seed
- the seed.getSeed(int)
public void nextBytes(byte[] bytes)
bytes
- the array to be filled in with random bytes.protected final int next(int numBits)
java.util.Random
method, and serves
to provide a source of random bits to all of the methods inherited
from that class (for example, nextInt
,
nextLong
, and nextFloat
).
numBits
- number of pseudo-random bits to be generated, where
0 <= numBits
<= 32.
int
containing the user-specified number
of pseudo-random bits (right justified, with leading zeros).public static byte[] getSeed(int numBytes)
This method is only included for backwards compatibility.
The caller is encouraged to use one of the alternative
getInstance
methods to obtain a SecureRandom object, and
then call the generateSeed
method to obtain seed bytes
from that object.
numBytes
- the number of seed bytes to generate.
setSeed(byte[])
public byte[] generateSeed(int numBytes)
numBytes
- the number of seed bytes to generate.
|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.