On Thursday 02 February 2006 21:37, Raif S. Naffah wrote: > ... > this patch ...replaces the new SecureRandom() occurrences with the use > of an instance field (or in two cases where the class has only static > methods, with a class field) set to an instance of a default PRNG (a > seeded MDGenerator).
2006-02-04 Raif S. Naffah <[EMAIL PROTECTED]> * gnu/javax/crypto/sasl/srp/SRPServer.java (prng): New field. (getDefaultPRNG): New method. (parseO): Use method above. * gnu/javax/crypto/sasl/srp/SRPClient.java (prng): New field. (getDefaultPRNG): New method. (createO): Use method above. * gnu/javax/crypto/sasl/srp/KDF.java (prng): New class field. (nextByte): Use above field. * gnu/javax/crypto/pad/PKCS1_V1_5.java (selfTest): Use PRNG instance. * gnu/java/security/sig/rsa/RSA.java: New class field. (newR): Use above field. * gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java (prng): New field. (encode): Use field above. * gnu/java/security/key/dss/FIPS186.java (prng): New field. (getDefaultPRNG): new method. (nextRandomBytes): Use above method. * gnu/java/security/key/rsa/RSAKeyPairGenerator.java: Likewise. * gnu/java/security/sig/BaseSignature.java: Likewise. * gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java: Likewise. * gnu/javax/crypto/key/dh/RFC2631.java: Likewise. * gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java: Likewise. * gnu/javax/crypto/key/BaseKeyAgreementParty.java: Likewise. * gnu/java/security/key/dss/DSSKeyPairGenerator.java (prng): New field. (getDefaultPRNG): new method. (nextRandomBytes): Use above method. (STRICT_DEFAULTS): new class field. (USE_DEFAULTS): more documentation to clarify behavior. (setup): amended to handle new attribute. * gnu/java/security/util/PRNG.java: New file. committed. cheers; rsn
Index: DSSKeyPairGenerator.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java,v retrieving revision 1.1 diff -u -r1.1 DSSKeyPairGenerator.java --- DSSKeyPairGenerator.java 26 Jan 2006 02:25:10 -0000 1.1 +++ DSSKeyPairGenerator.java 2 Feb 2006 09:03:37 -0000 @@ -41,6 +41,7 @@ import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; import java.io.PrintWriter; import java.math.BigInteger; 
@@ -88,10 +89,55 @@ /** Property name of the length (Integer) of the modulus (p) of a DSS key. */ public static final String MODULUS_LENGTH = "gnu.crypto.dss.L"; - /** Property name of the Boolean indicating wether or not to use defaults. */ + /** + * Property name of the Boolean indicating wether or not to use default pre- + * computed values of <code>p</code>, <code>q</code> and <code>g</code> for + * a given modulus length. The ultimate behaviour of this generator with + * regard to using pre-computed parameter sets will depend on the value of + * this property and of the following one [EMAIL PROTECTED] #STRICT_DEFAULTS}: + * + * <ol> + * <li>If this property is [EMAIL PROTECTED] Boolean#FALSE} then this generator + * will accept being setup for generating parameters for any modulus length + * provided the modulus length is between <code>512</code> and + * <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In + * addition, a new paramter set will always be generated; i.e. no pre- + * computed values are used.</li> + * + * <li>If this property is [EMAIL PROTECTED] Boolean#TRUE} and the value of + * [EMAIL PROTECTED] #STRICT_DEFAULTS} is also [EMAIL PROTECTED] Boolean#TRUE} then this generator + * will only accept being setup for generating parameters for modulus + * lengths of <code>512</code>, <code>768</code> and <code>1024</code>. Any + * other value, of the modulus length, even if between <code>512</code> and + * <code>1024</code>, and of the form <code>512 + 64 * n</code>, will cause + * an [EMAIL PROTECTED] IllegalArgumentException} to be thrown. 
When those modulus + * length (<code>512</code>, <code>768</code>, and <code>1024</code>) are + * specified, the paramter set is always the same.</li> + * + * <li>Finally, if this property is [EMAIL PROTECTED] Boolean#TRUE} and the value of + * [EMAIL PROTECTED] #STRICT_DEFAULTS} is [EMAIL PROTECTED] Boolean#FALSE} then this generator + * will behave as in point 1 above, except that it will use pre-computed + * values when possible; i.e. the modulus length is one of <code>512</code>, + * <code>768</code>, or <code>1024</code>.</li> + * </ol> + * + * The default value of this property is [EMAIL PROTECTED] Boolean#TRUE}. + */ public static final String USE_DEFAULTS = "gnu.crypto.dss.use.defaults"; /** + * Property name of the Boolean indicating wether or not to generate new + * parameters, even if the modulus length <i>L</i> is not one of the pre- + * computed defaults (value [EMAIL PROTECTED] Boolean#FALSE}), or throw an exception + * (value [EMAIL PROTECTED] Boolean#TRUE}) -- the exception in this case is an + * [EMAIL PROTECTED] IllegalArgumentException}. The default value for this property is + * [EMAIL PROTECTED] Boolean#FALSE}. The ultimate behaviour of this generator will + * depend on the values of this and [EMAIL PROTECTED] #USE_DEFAULTS} properties -- see + * [EMAIL PROTECTED] #USE_DEFAULTS} for more information. + */ + public static final String STRICT_DEFAULTS = "gnu.crypto.dss.strict.defaults"; + + /** * Property name of an optional [EMAIL PROTECTED] SecureRandom} instance to use. The * default is to use a classloader singleton from [EMAIL PROTECTED] PRNG}. */ @@ -181,6 +227,9 @@ private BigInteger XKEY; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
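Review bot: The SOURCE_OF_RANDOMNESS Javadoc kept as context at the end of this hunk still says the default is "a classloader singleton from {@link PRNG}", but the new `PRNG.getInstance()` (PRNG.java hunk) constructs and seeds a fresh MDGenerator on every call, and this class caches one per DSSKeyPairGenerator instance, so there is no singleton. Either make `getInstance()` hand out a shared instance or reword the comment, e.g. `The default is a per-instance {@link PRNG} obtained lazily via {@link PRNG#getInstance()}.` The new `USE_DEFAULTS` and `STRICT_DEFAULTS` Javadocs both spell `wether` for `whether`, and `STRICT_DEFAULTS` would read more clearly if its own paragraph said what the three-case list in `USE_DEFAULTS` implies: it has no effect when `USE_DEFAULTS` is `FALSE`.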
@@ -222,6 +271,10 @@ useDefaults = Boolean.TRUE; } + Boolean strictDefaults = (Boolean) attributes.get(STRICT_DEFAULTS); + if (strictDefaults == null) + strictDefaults = Boolean.FALSE; + // are we given a set of DSA params or we shall use/generate our own? DSAParameterSpec params = (DSAParameterSpec) attributes.get(DSS_PARAMETERS); if (params != null) @@ -250,9 +303,16 @@ g = KEY_PARAMS_1024.getG(); break; default: - p = null; - q = null; - g = null; + if (strictDefaults.equals(Boolean.TRUE)) + throw new IllegalArgumentException( + "Does not provide default parameters for " + L + + "-bit modulus length"); + else + { + p = null; + q = null; + g = null; + } } } else @@ -353,8 +413,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: FIPS186.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/key/dss/FIPS186.java,v retrieving revision 1.1 diff -u -r1.1 FIPS186.java --- FIPS186.java 26 Jan 2006 02:25:10 -0000 1.1 +++ FIPS186.java 2 Feb 2006 09:09:21 -0000 @@ -39,6 +39,7 @@ package gnu.java.security.key.dss; import gnu.java.security.hash.Sha160; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Prime2; import java.math.BigInteger; @@ -87,6 +88,9 @@ /** The optional [EMAIL PROTECTED] SecureRandom} instance to use. */ private SecureRandom rnd = null; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
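Review bot: `getDefaultPRNG()` is added here to DSSKeyPairGenerator as a three-line lazy initialiser of a private `prng` field, and the identical copy reappears in nine more classes across this patch (FIPS186, RSAKeyPairGenerator, BaseSignature, GnuDHKeyPairGenerator, RFC2631, SRPKeyPairGenerator, BaseKeyAgreementParty, SRPClient, SRPServer). One accessor on `PRNG` itself — say a `static synchronized PRNG getDefault()` that creates the instance on first use, with `nextBytes` made `synchronized` so sharing is safe — would remove the duplication and give every caller the same source, so any later improvement to seeding lands everywhere at once. If one generator per object is deliberate, a why-comment on each field would help, e.g. `/** Lazily created; one per generator so concurrent generators never share state. */`. The enclosing `nextRandomBytes` method starts before this hunk.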
@@ -126,7 +130,7 @@ * * The algorithm used to find these primes is as described in FIPS-186, * section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by - * using the [EMAIL PROTECTED] gnu.crypto.hash.Sha160} and a user supplied <i>SEED</i> + * using the [EMAIL PROTECTED] Sha160} and a user supplied <i>SEED</i> * to construct a prime, <code>q</code>, in the range 2<sup>159</sup> < q * < 2<sup>160</sup>. Once this is accomplished, the same <i>SEED</i> * value is used to construct an <code>X</code> in the range <code>2<sup>L-1 @@ -279,8 +283,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: RSAKeyPairGenerator.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java,v retrieving revision 1.1 diff -u -r1.1 RSAKeyPairGenerator.java --- RSAKeyPairGenerator.java 26 Jan 2006 02:25:11 -0000 1.1 +++ RSAKeyPairGenerator.java 2 Feb 2006 09:10:19 -0000 @@ -40,6 +40,7 @@ import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Prime2; import java.math.BigInteger; @@ -109,6 +110,9 @@ /** The optional [EMAIL PROTECTED] SecureRandom} instance to use. */ private SecureRandom rnd = null; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
@@ -229,8 +233,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: EME_PKCS1_V1_5.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java,v retrieving revision 1.1 diff -u -r1.1 EME_PKCS1_V1_5.java --- EME_PKCS1_V1_5.java 26 Jan 2006 02:25:11 -0000 1.1 +++ EME_PKCS1_V1_5.java 2 Feb 2006 09:10:56 -0000 @@ -40,9 +40,9 @@ import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import java.io.ByteArrayOutputStream; -import java.security.SecureRandom; import java.security.interfaces.RSAKey; import java.util.Random; @@ -70,6 +70,9 @@ private ByteArrayOutputStream baos = new ByteArrayOutputStream(); + /** Our default source of randomness. */ + private PRNG prng = PRNG.getInstance(); + // Constructor(s) // ------------------------------------------------------------------------- @@ -128,8 +131,7 @@ final byte[] PS = new byte[k - M.length - 3]; // FIXME. This should be configurable, somehow. - SecureRandom rnd = new SecureRandom (); - rnd.nextBytes(PS); + prng.nextBytes(PS); int i = 0; for (; i < PS.length; i++) { @@ -300,6 +302,5 @@ baos.reset(); return result; - } } Index: RSA.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/sig/rsa/RSA.java,v retrieving revision 1.1 diff -u -r1.1 RSA.java --- RSA.java 26 Jan 2006 02:25:11 -0000 1.1 +++ RSA.java 2 Feb 2006 09:11:27 -0000 
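Review bot: `prng.nextBytes(PS)` in `encode` now draws the PKCS#1 v1.5 padding string from a per-encoder `PRNG` that, per the PRNG.java hunk, is seeded with nothing but the 8 bytes of `System.currentTimeMillis()` taken when the field initialiser runs; assuming MDGenerator is deterministic for a given seed, two `EME_PKCS1_V1_5` objects created in the same millisecond emit the same PS bytes and so encrypt the same message to the same ciphertext, which `new SecureRandom()` (self-seeded from the platform) did not do. PS is the only randomness in this encoding, so it needs a properly seeded source: either share one well-seeded generator or, as the surviving `// FIXME` already asks, let the caller supply an `IRandom`. Until then the FIXME should say so explicitly: `// FIXME: the default prng is clock-seeded (see PRNG.getInstance); not fit for production padding.` `encode` starts before this hunk.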
@@ -39,12 +39,11 @@ package gnu.java.security.sig.rsa; import gnu.java.security.Properties; -import gnu.java.security.key.rsa.GnuRSAKey; +import gnu.java.security.util.PRNG; import java.math.BigInteger; import java.security.PrivateKey; import java.security.PublicKey; -import java.security.SecureRandom; import java.security.interfaces.RSAPrivateCrtKey; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; @@ -79,6 +78,9 @@ private static final BigInteger ONE = BigInteger.ONE; + /** Our default source of randomness. */ + private static final PRNG prng = PRNG.getInstance(); + // Constructor(s) // ------------------------------------------------------------------------- @@ -340,16 +342,15 @@ final int upper = (N.bitLength() + 7) / 8; final int lower = upper / 2; final byte[] bl = new byte[1]; - SecureRandom rnd = new SecureRandom (); int b; do { - rnd.nextBytes(bl); + prng.nextBytes(bl); b = bl[0] & 0xFF; } while (b < lower || b > upper); final byte[] buffer = new byte[b]; // 256-bit MPI - rnd.nextBytes(buffer); + prng.nextBytes(buffer); return new BigInteger(1, buffer); } } Index: BaseSignature.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/security/sig/BaseSignature.java,v retrieving revision 1.1 diff -u -r1.1 BaseSignature.java --- BaseSignature.java 26 Jan 2006 02:25:11 -0000 1.1 +++ BaseSignature.java 2 Feb 2006 09:12:49 -0000 @@ -41,10 +41,10 @@ import gnu.java.security.hash.IMessageDigest; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import java.security.PrivateKey; import java.security.PublicKey; -import java.security.SecureRandom; import java.util.Map; import java.util.Random; 
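Review bot: `prng` is now a class-wide `static final PRNG` consumed from `newR`, but `PRNG.nextBytes` is not synchronized (PRNG.java hunk), so two threads producing blinding factors at once drive a single MDGenerator concurrently; unless MDGenerator synchronizes internally, that interleaving can corrupt its state or return the same bytes to both threads. Wrap the two calls, `synchronized (prng) { prng.nextBytes(bl); }` and likewise for `buffer`, or give `newR` a per-call instance as the other classes in this patch do. Separately, the retained loop `while (b < lower || b > upper)` cannot terminate once `lower` exceeds 255 — `b` is a single byte, and `lower = upper / 2` passes 255 for moduli of about 4096 bits — which predates this change but is worth a follow-up. The rest of `newR` lies outside the hunk.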
@@ -76,6 +76,9 @@ /** The optional [EMAIL PROTECTED] IRandom} instance to use. */ private IRandom irnd; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- @@ -224,9 +227,7 @@ } } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); } private void setup(Map attributes) @@ -244,4 +245,12 @@ irnd = (IRandom) obj; } } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } } Index: PRNG.java =================================================================== RCS file: PRNG.java diff -N PRNG.java --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ PRNG.java 1 Jan 1970 00:00:00 -0000 
@@ -0,0 +1,156 @@ +/* PRNG.java -- A Utility methods for default source of randomness + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. 
*/ + + +package gnu.java.security.util; + +import java.util.HashMap; + +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.prng.MDGenerator; + +/** + * A useful hash-based (SHA) pseudo-random number generator used + * throughout this library. + * + * @see MDGenerator + */ +public class PRNG +{ + // Constans and fields + // -------------------------------------------------------------------------- + + /** The underlying [EMAIL PROTECTED] IRandom}. */ + private IRandom delegate; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** + * Private constructor to enforce using the Factory method. + * + * @param delegate + * the undelying [EMAIL PROTECTED] IRandom} object used. + */ + private PRNG(IRandom delegate) + { + super(); + + this.delegate = delegate; + } + + // Class methods + // -------------------------------------------------------------------------- + + public static final PRNG getInstance() + { + IRandom delegate = new MDGenerator(); + try + { + HashMap map = new HashMap(); + // initialise it with a seed + long t = System.currentTimeMillis(); + byte[] seed = new byte[] { + (byte) (t >>> 56), (byte) (t >>> 48), + (byte) (t >>> 40), (byte) (t >>> 32), + (byte) (t >>> 24), (byte) (t >>> 16), + (byte) (t >>> 8), (byte) t}; + map.put(MDGenerator.SEEED, seed); + delegate.init(map); // default is to use SHA-1 hash + } + catch (Exception x) + { + throw new ExceptionInInitializerError(x); + } + + return new PRNG(delegate); + } + + // Instance methods + // -------------------------------------------------------------------------- + + /** + * Completely fills the designated <code>buffer</code> with random data + * generated by the underlying delegate. + * + * @param buffer + * the place holder of random bytes generated by the underlying + * delegate. 
On output, the contents of <code>buffer</code> are + * replaced with pseudo-random data, iff the <code>buffer</code> + * size is not zero. + */ + public void nextBytes(byte[] buffer) + { + nextBytes(buffer, 0, buffer.length); + } + + /** + * Fills the designated <code>buffer</code>, starting from byte at position + * <code>offset</code> with, at most, <code>length</code> bytes of random + * data generated by the underlying delegate. + * + * @see IRandom#nextBytes + */ + public void nextBytes(byte[] buffer, int offset, int length) + { + try + { + delegate.nextBytes(buffer, offset, length); + } + catch (LimitReachedException x) // re-initialise with a seed + { + try + { + HashMap map = new HashMap(); + long t = System.currentTimeMillis(); + byte[] seed = new byte[] { + (byte)(t >>> 56), (byte)(t >>> 48), + (byte)(t >>> 40), (byte)(t >>> 32), + (byte)(t >>> 24), (byte)(t >>> 16), + (byte)(t >>> 8), (byte) t }; + map.put(MDGenerator.SEEED, seed); + delegate.init(map); // default is to use SHA-1 hash + delegate.nextBytes(buffer, offset, length); + } + catch (Exception y) + { + throw new ExceptionInInitializerError(y); + } + } + } +} Index: GnuDHKeyPairGenerator.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java,v retrieving revision 1.1 diff -u -r1.1 GnuDHKeyPairGenerator.java --- GnuDHKeyPairGenerator.java 26 Jan 2006 02:25:09 -0000 1.1 +++ GnuDHKeyPairGenerator.java 2 Feb 2006 09:15:40 -0000 @@ -41,6 +41,7 @@ import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; import java.io.PrintWriter; import java.math.BigInteger; @@ -133,6 +134,9 @@ private BigInteger g; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
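Review bot: `getInstance()` seeds the MDGenerator with only the 8 bytes of `System.currentTimeMillis()`, and the `LimitReachedException` branch of `nextBytes` re-seeds the same way, so every consumer this patch switches over — DSS/RSA/DH/SRP private keys, RSA blinding factors, PKCS#1 padding, SASL nonces and IVs — becomes a deterministic function of the wall-clock millisecond at construction; anyone who knows roughly when a key or nonce was made can enumerate a few million candidate seeds, and two instances created in the same millisecond (or a reseed landing in the same millisecond as the original seed) produce identical output. That is a large step down from `new SecureRandom()`, which self-seeds from platform entropy; if the replacement exists to avoid a bootstrap dependency on java.security, the seed still needs inputs beyond the clock. I would gather the seed in one private helper used by both seeding sites, reading /dev/urandom where it exists and mixing in cheap local sources otherwise, and replace `ExceptionInInitializerError` (meant for static initialisers) with `IllegalStateException` carrying the cause. Until that lands the class Javadoc should carry the caveat: `Seeded from the system clock only; not suitable for long-term keys without an external entropy source.`
```java
  /** Best-effort seed: OS entropy when available, mixed with cheap local sources. */
  private static byte[] gatherSeed()
  {
    byte[] seed = new byte[40];
    int n = 0;
    try
      {
        java.io.InputStream in = new java.io.FileInputStream("/dev/urandom");
        try
          {
            n = in.read(seed, 0, 32);
          }
        finally
          {
            in.close();
          }
      }
    catch (java.io.IOException ignored)
      {
        n = 0; // no such device on this platform; rely on the local sources below
      }
    catch (SecurityException ignored)
      {
        n = 0; // sandboxed; same fallback
      }
    long[] extra = new long[] { System.currentTimeMillis(),
                                System.identityHashCode(new Object()),
                                Runtime.getRuntime().freeMemory(),
                                Runtime.getRuntime().totalMemory() };
    int pos = Math.max(n, 0);
    for (int i = 0; i < extra.length; i++)
      for (int s = 56; s >= 0; s -= 8)
        seed[(pos++) % seed.length] ^= (byte) (extra[i] >>> s);
    return seed;
  }

  public static final PRNG getInstance()
  {
    IRandom delegate = new MDGenerator();
    try
      {
        HashMap map = new HashMap();
        map.put(MDGenerator.SEEED, gatherSeed());
        delegate.init(map); // default is to use SHA-1 hash
      }
    catch (Exception x)
      {
        throw new IllegalStateException("cannot seed default PRNG", x);
      }
    return new PRNG(delegate);
  }

  // … unchanged: constructor, nextBytes(byte[]) …
  // … nextBytes(byte[], int, int): reseed branch uses gatherSeed() and IllegalStateException the same way …
```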
@@ -247,8 +251,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: RFC2631.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/key/dh/RFC2631.java,v retrieving revision 1.1 diff -u -r1.1 RFC2631.java --- RFC2631.java 26 Jan 2006 02:25:09 -0000 1.1 +++ RFC2631.java 2 Feb 2006 09:16:13 -0000 @@ -39,6 +39,7 @@ package gnu.javax.crypto.key.dh; import gnu.java.security.hash.Sha160; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Prime2; import java.math.BigInteger; @@ -87,6 +88,9 @@ /** The optional [EMAIL PROTECTED] SecureRandom} instance to use. */ private SecureRandom rnd = null; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- @@ -238,8 +242,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: SRPKeyPairGenerator.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java,v retrieving revision 1.1 diff -u -r1.1 SRPKeyPairGenerator.java --- SRPKeyPairGenerator.java 26 Jan 2006 02:25:09 -0000 1.1 +++ SRPKeyPairGenerator.java 2 Feb 2006 09:16:58 -0000 @@ -40,6 +40,7 @@ import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Prime2; import java.io.PrintWriter; 
@@ -126,6 +127,9 @@ /** The user's verifier MPI. */ private BigInteger v; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- @@ -334,8 +338,14 @@ rnd.nextBytes(buffer); } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } Index: BaseKeyAgreementParty.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java,v retrieving revision 1.1 diff -u -r1.1 BaseKeyAgreementParty.java --- BaseKeyAgreementParty.java 26 Jan 2006 02:25:09 -0000 1.1 +++ BaseKeyAgreementParty.java 2 Feb 2006 09:17:33 -0000 @@ -40,6 +40,7 @@ import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import java.math.BigInteger; import java.security.SecureRandom; @@ -75,6 +76,9 @@ /** The optional [EMAIL PROTECTED] IRandom} instance to use. */ protected IRandom irnd = null; + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
@@ -187,12 +191,18 @@ catch (LimitReachedException lre) { irnd = null; - new SecureRandom ().nextBytes(buffer); + getDefaultPRNG().nextBytes(buffer); } } else - { - new SecureRandom ().nextBytes(buffer); - } + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; } } \ No newline at end of file Index: PKCS1_V1_5.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java,v retrieving revision 1.1 diff -u -r1.1 PKCS1_V1_5.java --- PKCS1_V1_5.java 26 Jan 2006 02:25:09 -0000 1.1 +++ PKCS1_V1_5.java 2 Feb 2006 09:18:23 -0000 @@ -40,10 +40,10 @@ import gnu.java.security.Registry; import gnu.java.security.sig.rsa.EME_PKCS1_V1_5; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; import java.io.PrintWriter; -import java.util.Random; /** * <p>A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding @@ -143,7 +143,7 @@ { final int[] mLen = new int[] { 16, 20, 32, 48, 64 }; final byte[] M = new byte[mLen[mLen.length - 1]]; - new Random ().nextBytes(M); + PRNG.getInstance().nextBytes(M); final byte[] EM = new byte[1024]; byte[] p; int bs, i, j; Index: KDF.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/sasl/srp/KDF.java,v retrieving revision 1.1 diff -u -r1.1 KDF.java --- KDF.java 26 Jan 2006 02:25:10 -0000 1.1 +++ KDF.java 2 Feb 2006 09:19:11 -0000 @@ -40,11 +40,11 @@ import gnu.java.security.Registry; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.prng.UMacGenerator; import java.util.HashMap; -import java.util.Random; /** * <p>The SASL-SRP KDF implementation, which is also used, depending on how it 
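Review bot: In the `LimitReachedException` branch the party sets `irnd = null` and then serves the request from `getDefaultPRNG()`, so once a caller-supplied `IRandom` is exhausted every later call quietly comes from the clock-seeded default generator (PRNG.java hunk) instead of the source the caller configured, and nothing reports that downgrade. I would rather surface it, `throw new IllegalStateException("supplied IRandom exhausted", lre);`, or, if the fallback is intentional, keep the behaviour but document it on the `irnd` field: `Cleared — and permanently replaced by the default PRNG — the first time it throws LimitReachedException.` The enclosing method starts before this hunk.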
@@ -60,6 +60,11 @@ private static final int AES_KEY_SIZE = 16; // default key size for the AES + private static final byte[] buffer = new byte[1]; + + /** Our default source of randomness. */ + private static final PRNG prng = PRNG.getInstance(); + /** The shared secret K to use. */ // private byte[] keyMaterial; /** The underlying UMAC Generator instance. */ @@ -117,11 +122,18 @@ else { keyMaterial = new byte[AES_BLOCK_SIZE]; - ndx = new Random ().nextInt (256); // XXX does this need to be secure? + while (ndx < 1 || ndx > 255) + ndx = (byte) nextByte(); } return new KDF(keyMaterial, ndx); } + private static synchronized final int nextByte() + { + prng.nextBytes(buffer); + return (buffer[0] & 0xFF); + } + // Instance methods // ------------------------------------------------------------------------- Index: SRPClient.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java,v retrieving revision 1.1 diff -u -r1.1 SRPClient.java --- SRPClient.java 26 Jan 2006 02:25:10 -0000 1.1 +++ SRPClient.java 2 Feb 2006 09:19:55 -0000 @@ -40,6 +40,7 @@ import gnu.java.security.Registry; import gnu.java.security.hash.MD5; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; import gnu.javax.crypto.key.IKeyAgreementParty; @@ -65,7 +66,6 @@ import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; import java.util.Arrays; import java.util.HashMap; import java.util.StringTokenizer; @@ -160,6 +160,9 @@ private IKeyAgreementParty clientHandler = KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA); + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- 
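Review bot: `ndx = (byte) nextByte();` narrows the 0..255 result of `nextByte()` to a signed byte, so every value of 128 or more turns negative, fails `ndx < 1` and is discarded; the loop therefore only ever exits with `ndx` in 1..127, half the range `new Random().nextInt(256)` covered, via a retry loop that rejects half its draws. Drop the cast, `ndx = nextByte();` — with an int `ndx` the `ndx > 255` test is then always false and can go as well. The loop also depends on `ndx` holding a value outside 1..255 before its first iteration, and that initialisation is outside this hunk; `do { ndx = nextByte(); } while (ndx < 1);` removes the dependency.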
@@ -563,7 +566,8 @@ // if session re-use generate new 16-byte nonce if (sid.length != 0) { - cn = new SecureRandom ().generateSeed (16); + cn = new byte[16]; + getDefaultPRNG().nextBytes(cn); } else { @@ -1091,7 +1095,7 @@ final int blockSize = cipher.defaultBlockSize(); // 3. generate random iv cIV = new byte[blockSize]; - new SecureRandom ().nextBytes(cIV); + getDefaultPRNG().nextBytes(cIV); } srp = SRP.instance(mdName); @@ -1196,4 +1200,12 @@ outCipher)); } } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } } \ No newline at end of file Index: SRPServer.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java,v retrieving revision 1.1 diff -u -r1.1 SRPServer.java --- SRPServer.java 26 Jan 2006 02:25:10 -0000 1.1 +++ SRPServer.java 2 Feb 2006 09:20:34 -0000 @@ -39,6 +39,7 @@ package gnu.javax.crypto.sasl.srp; import gnu.java.security.Registry; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; import gnu.javax.crypto.assembly.Direction; @@ -61,7 +62,6 @@ import java.io.ByteArrayOutputStream; import java.io.UnsupportedEncodingException; import java.math.BigInteger; -import java.security.SecureRandom; import java.util.Arrays; import java.util.HashMap; import java.util.StringTokenizer; @@ -148,6 +148,9 @@ private IKeyAgreementParty serverHandler = KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA); + /** Our default source of randomness. */ + private PRNG prng = null; + // Constructor(s) // ------------------------------------------------------------------------- @@ -593,7 +596,7 @@ { sn = new byte[16]; } - new SecureRandom ().nextBytes(sn); + getDefaultPRNG().nextBytes(sn); setupSecurityServices(false); 
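Review bot: `cn` for session re-use previously came from `SecureRandom.generateSeed(16)`, i.e. fresh platform entropy, and now comes from the lazily created per-client `PRNG`, which PRNG.java seeds from `System.currentTimeMillis()` alone; the client nonce is thus predictable from the connection time, and two clients started in the same millisecond present the same `cn` (and, via the second hunk, the same `cIV`). I cannot see from here how `cn` enters the re-used session's key derivation, but if it does, this is a real weakening; at minimum share one well-seeded generator instead of a clock-seeded instance per SRPClient, and flag it on the field: `/** Clock-seeded fallback (see PRNG.getInstance); not a substitute for real entropy. */`. Both enclosing methods start before their hunks.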
@@ -1072,9 +1075,7 @@ sIV = new byte[blockSize]; if (blockSize > 0) - { - new SecureRandom ().nextBytes(sIV); - } + getDefaultPRNG().nextBytes(sIV); } private void setupSecurityServices(final boolean newSession) @@ -1144,4 +1145,12 @@ outCipher)); } } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } } \ No newline at end of file