Committed, including the suggestions people gave.
2006-04-14 Casey Marshall <[EMAIL PROTECTED]>
Fixes PR classpath/24642
* NEWS: add note about SecureRandom changes, and addition of
VMSecureRandom.
* java/security/SecureRandom.java (isSeeded): new field.
(setSeed, setSeed): set `isSeeded' to `true.'
(nextBytes): seed this instance if `isSeeded' is false.
(getSeed): call `generateSeed.'
(SECURERANDOM_SOURCE, JAVA_SECURITY_EGD, logger): new constants.
(generateSeed, generateSeed): new methods.
* vm/reference/java/security/VMSecureRandom.java: new file.
Thanks.
Index: java/security/SecureRandom.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/SecureRandom.java,v
retrieving revision 1.21
diff -u -B -b -r1.21 SecureRandom.java
--- java/security/SecureRandom.java 12 Apr 2006 12:50:09 -0000 1.21
+++ java/security/SecureRandom.java 14 Apr 2006 18:18:12 -0000
@@ -1,6 +1,10 @@
/* SecureRandom.java --- Secure Random class implementation
+<<<<<<< SecureRandom.java
+ Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006 Free Software Foundation,
Inc.
+=======
Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006
Free Software Foundation, Inc.
+>>>>>>> 1.21
This file is part of GNU Classpath.
@@ -38,11 +42,19 @@
package java.security;
+import gnu.classpath.SystemProperties;
import gnu.java.security.Engine;
+import gnu.java.security.action.GetSecurityPropertyAction;
import gnu.java.security.jce.prng.Sha160RandomSpi;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.Enumeration;
import java.util.Random;
+import java.util.logging.Level;
+import java.util.logging.Logger;
/**
* An interface to a cryptographically secure pseudo-random number
@@ -74,6 +86,8 @@
byte[] state = null;
private String algorithm;
+ private boolean isSeeded = false;
+
// Constructors.
// ------------------------------------------------------------------------
@@ -303,6 +317,7 @@
public void setSeed(byte[] seed)
{
secureRandomSpi.engineSetSeed(seed);
+ isSeeded = true;
}
/**
@@ -330,6 +345,7 @@
(byte) (0xff & seed)
};
secureRandomSpi.engineSetSeed(tmp);
+ isSeeded = true;
}
}
@@ -341,6 +357,8 @@
*/
public void nextBytes(byte[] bytes)
{
+ if (!isSeeded)
+ setSeed(getSeed(32));
randomBytesUsed += bytes.length;
counter++;
secureRandomSpi.engineNextBytes(bytes);
@@ -386,10 +404,8 @@
public static byte[] getSeed(int numBytes)
{
byte[] tmp = new byte[numBytes];
-
- new Random().nextBytes(tmp);
+ generateSeed(tmp);
return tmp;
- //return secureRandomSpi.engineGenerateSeed( numBytes );
}
/**
@@ -404,4 +420,64 @@
return secureRandomSpi.engineGenerateSeed(numBytes);
}
+ // Seed methods.
+
+ private static final String SECURERANDOM_SOURCE = "securerandom.source";
+ private static final String JAVA_SECURITY_EGD = "java.security.egd";
+ private static final Logger logger =
Logger.getLogger(SecureRandom.class.getName());
+
+ private static int generateSeed(byte[] buffer)
+ {
+ return generateSeed(buffer, 0, buffer.length);
+ }
+
+ private static int generateSeed(byte[] buffer, int offset, int length)
+ {
+ URL sourceUrl = null;
+ String urlStr = null;
+
+ GetSecurityPropertyAction action = new
GetSecurityPropertyAction(SECURERANDOM_SOURCE);
+ try
+ {
+ urlStr = (String) AccessController.doPrivileged(action);
+ if (urlStr != null)
+ sourceUrl = new URL(urlStr);
+ }
+ catch (MalformedURLException ignored)
+ {
+ logger.log(Level.WARNING, SECURERANDOM_SOURCE + " property is
malformed: {0}",
+ urlStr);
+ }
+
+ if (sourceUrl == null)
+ {
+ try
+ {
+ urlStr = SystemProperties.getProperty(JAVA_SECURITY_EGD);
+ if (urlStr != null)
+ sourceUrl = new URL(urlStr);
+ }
+ catch (MalformedURLException mue)
+ {
+ logger.log(Level.WARNING, JAVA_SECURITY_EGD + " property is
malformed: {0}",
+ urlStr);
+ }
+ }
+
+ if (sourceUrl != null)
+ {
+ try
+ {
+ InputStream in = sourceUrl.openStream();
+ return in.read(buffer, offset, length);
+ }
+ catch (IOException ioe)
+ {
+ logger.log(Level.FINE, "error reading random bytes", ioe);
+ }
+ }
+
+ // If we get here, we did not get any seed from a property URL.
+ return VMSecureRandom.generateSeed(buffer, offset, length);
+ }
}
--- /dev/null 2006-04-14 10:49:23.000000000 -0700
+++ vm/reference/java/security/VMSecureRandom.java 2006-04-13
09:52:13.000000000 -0700
@@ -0,0 +1,134 @@
+/* VMSecureRandom.java -- random seed generator.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package java.security;
+
+import gnu.classpath.SystemProperties;
+import gnu.java.security.action.GetSecurityPropertyAction;
+
+import java.net.URL;
+
+/**
+ * VM-specific methods for generating real (or almost real) random
+ * seeds. VM implementors should write a version of this class that
+ * reads random bytes from some system source.
+ *
+ * <p>The default implementation of this class runs eight threads that
+ * increment counters in a tight loop, and XORs each counter to
+ * produce one byte of seed data. This is not very efficient, and is
+ * not guaranteed to be random (the thread scheduler is probably
+ * deterministic, after all). If possible, VM implementors should
+ * reimplement this class so it obtains a random seed from a system
+ * facility, such as a system entropy gathering device or hardware
+ * random number generator.
+ */
+final class VMSecureRandom
+{
+
+ /**
+ * Generate a random seed. Implementations are free to generate
+ * fewer random bytes than are requested, and leave the remaining
+ * bytes of the destination buffer as zeros. Implementations SHOULD,
+ * however, make a best-effort attempt to satisfy the request.
+ *
+ * @param buffer The destination buffer.
+ * @param offset The offset in the buffer to start putting bytes.
+ * @param length The number of random bytes to generate.
+ */
+ static int generateSeed(byte[] buffer, int offset, int length)
+ {
+ if (length < 0)
+ throw new IllegalArgumentException("length must be nonnegative");
+ if (offset < 0 || offset + length > buffer.length)
+ throw new IndexOutOfBoundsException();
+
+ Spinner[] spinners = new Spinner[8];
+ int n = 0x1;
+ for (int i = 0; i < spinners.length; i++)
+ {
+ spinners[i] = new Spinner((byte) n);
+ Thread t = new Thread(spinners[i]);
+ t.start();
+ n <<= 1;
+ }
+
+ // Wait until at least one spinner has started.
+ while (!(spinners[0].running || spinners[1].running || spinners[2].running
+ || spinners[3].running || spinners[4].running ||
spinners[5].running
+ || spinners[6].running || spinners[7].running))
+ {
+ Thread.yield();
+ }
+
+ for (int i = offset; i < length; i++)
+ {
+ buffer[i] = (byte) (spinners[0].value ^ spinners[1].value ^
spinners[2].value
+ ^ spinners[3].value ^ spinners[4].value ^
spinners[5].value
+ ^ spinners[6].value ^ spinners[7].value);
+ Thread.yield();
+ }
+
+ for (int i = 0; i < spinners.length; i++)
+ spinners[i].stop();
+
+ return length;
+ }
+
+ static class Spinner implements Runnable
+ {
+ volatile byte value;
+ volatile boolean running;
+
+ Spinner(final byte initial)
+ {
+ value = initial;
+ }
+
+ public void run()
+ {
+ running = true;
+ while (running)
+ value++;
+ }
+
+ private void stop()
+ {
+ running = false;
+ }
+ }
+}
\ No newline at end of file
Index: NEWS
===================================================================
RCS file: /cvsroot/classpath/classpath/NEWS,v
retrieving revision 1.131
diff -u -B -b -r1.131 NEWS
--- NEWS 12 Apr 2006 12:04:17 -0000 1.131
+++ NEWS 14 Apr 2006 18:18:59 -0000
@@ -18,6 +18,9 @@
text components with the middle mouse button. Support cursor changes on
various components when resizing.
* Updated locale data information to CLDR 1.3.
+* Various bugs in Classpath's SecureRandom implementations have been
+ fixed; that class now respects the "securerandom.source" security
+ property and the "java.security.egd" system property.
Runtime interface changes:
@@ -31,6 +34,9 @@
this method.
* The reference implementation of VMThread has been updated to handle
the new Thread.UncaughtExceptionHandler support.
+* A new class, java.security.VMSecureRandom, is now available that is
+ used to generate random numbers for seeding cryptographically-secure
+ pseudo-random number generators.
New in release 0.90 (March 6, 2006)
