Hi.

This patch is an attempt to fix bug 24481, which has to do with issues setting seed values for SecureRandom implementations. It does this by updating the message digest with the seed; I don't know if this is the "correct" way to augment an MD-based PRNG, but it seems like it should be safe.

2006-04-12  Casey Marshall  <[EMAIL PROTECTED]>

        Fixes PR classpath/24481.
        * gnu/java/security/jce/prng/SecureRandomAdapter.java (<init>):
        initialize the adaptee.
        (setSeed): call `addRandomBytes;' don't re-initialize the adaptee.
        * gnu/java/security/prng/MDGenerator.java (addRandomByte,
        addRandomBytes): new methods.

Committed.

Index: gnu/java/security/prng/MDGenerator.java
===================================================================
RCS file: /cvsroot/classpath/classpath/gnu/java/security/prng/MDGenerator.java,v
retrieving revision 1.2
diff -u -B -b -r1.2 MDGenerator.java
--- gnu/java/security/prng/MDGenerator.java     24 Feb 2006 11:14:23 -0000      
1.2
+++ gnu/java/security/prng/MDGenerator.java     12 Apr 2006 05:12:53 -0000
@@ -122,6 +122,20 @@
     md.update(buffer, 0, buffer.length);
   }
 
+  public void addRandomByte (final byte b)
+  {
+    if (md == null)
+      throw new IllegalStateException ("not initialized");
+    md.update (b);
+  }
+
+  public void addRandomBytes (final byte[] buf, final int off, final int len)
+  {
+    if (md == null)
+      throw new IllegalStateException ("not initialized");
+    md.update (buf, off, len);
+  }
+
   // Cloneable interface implementation ---------------------------------------
 
   public Object clone() throws CloneNotSupportedException
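
Review bot: the two new public methods, addRandomByte and addRandomBytes, have no javadoc, and the behaviour callers now depend on is not stated anywhere: the supplied bytes are folded into the existing digest state with md.update and do not replace or reset it. Please document that contract, including the IllegalStateException thrown when md is null, since setSeed in the adapter now relies on it. The duplicated null check could also move into one private helper so the two methods cannot drift apart.
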
Index: gnu/java/security/jce/prng/SecureRandomAdapter.java
===================================================================
RCS file: 
/cvsroot/classpath/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java,v
retrieving revision 1.1
diff -u -B -b -r1.1 SecureRandomAdapter.java
--- gnu/java/security/jce/prng/SecureRandomAdapter.java 26 Jan 2006 02:25:10 
-0000      1.1
+++ gnu/java/security/jce/prng/SecureRandomAdapter.java 12 Apr 2006 05:12:53 
-0000
@@ -42,7 +42,7 @@
 import gnu.java.security.prng.MDGenerator;
 
 import java.security.SecureRandomSpi;
-import java.util.HashMap;
+import java.util.Collections;
 
 /**
  * <p>The implementation of a generic [EMAIL PROTECTED] 
java.security.SecureRandom} adapter
@@ -80,6 +80,7 @@
     super();
 
     this.mdName = mdName;
+    adaptee.init (Collections.singletonMap (MDGenerator.MD_NAME, mdName));
   }
 
   // Class methods
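
Review bot: in the constructor, the map passed to adaptee.init carries only MDGenerator.MD_NAME and no seed entry, so as far as this hunk shows the generator starts from whatever state init produces for a seedless attribute map. If that state is fixed for a given digest name, output drawn before any setSeed call would be predictable. Please confirm how the adaptee is seeded when no seed is supplied, and add a comment here saying so.
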
@@ -118,9 +119,6 @@
 
   public void engineSetSeed(byte[] seed)
   {
-    HashMap attributes = new HashMap();
-    attributes.put(MDGenerator.MD_NAME, mdName);
-    attributes.put(MDGenerator.SEEED, seed);
-    adaptee.init(attributes);
+    adaptee.addRandomBytes (seed);
   }
 }
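
Review bot: engineSetSeed calls adaptee.addRandomBytes (seed) with one argument, but the method added to MDGenerator in this patch takes (buf, off, len). No one-argument overload is visible in these hunks, so either confirm it is inherited from a superclass or call addRandomBytes (seed, 0, seed.length). A null seed is also passed straight through to the adaptee; decide whether it should be rejected here with a clear exception.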
