Update #4: JEP 123: SecureRandom Draft and Implementation.
Xuelei Fan
xuelei.fan at oracle.com
Thu Jan 17 15:44:33 UTC 2013
Hi Brad,
Please note the priorities for each comment. As the M6 is coming, you
can only take P1 comments.
P1: need to update
P2: suggested update, you can take it after M6.
P3: minor comments, it's OK to leave it unchanged.
P4: personal preference for your consideration, or my question.
java/security/SecureRandom.java
-------------------------------------
1-1. the performance of Pattern.compile [P2]
Pattern.compile() is expensive. I would suggest to use private static
lazy-initialized class attribute the patterns.
public class SecureRandom extends java.util.Random {
private static final String regex = "...";
private static final Pattern pattern;
public static SecureRandom getStrongSecureRandom() {
...
if (pattern == null) {
pattern = Pattern.compile(regex);
}
...
}
}
1-2. spaces are allowed between algorithm and provider [P4]
According to the regex ("\\s*(\\S+)\\s*\\:\\s*(\\S+)\\s*"), spaces
are allowed around the tokens. For example, " NativePRNGBlocking : SUN
" is valid. I would like to use a stricter syntax at the beginning in
case of any special requirement comes in the future.
1-3. may only need one regex for both "algorithm" and
"algorithm:provider" [P3]
I think one regex is OK for both: "([\\S&&[^:]]+)(\\:([\\S&&[^:]]+))?".
NativePRNGBlocking:Sun
group 1: NativePRNGBlocking
group 2: :Sun
group 3: Sun
NativePRNGBlocking
group 1: NativePRNGBlocking
group 2: null
group 3: null
If group 2 is non-null, it is of the "algorithm:provider" style.
1-4. a typo at line 614 [P1]:
- 614 // Pattern for "algorithm.provider"
+ 614 // Pattern for "algorithm:provider"
java.security-windows
-------------------------------------
2-1. Is it possible to enable "NativePRNGBlocking:SUN" in Windows? [P2]
+ securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI
I was wondering to enable "NativePRNGBlocking:SUN" here before I know
that the "NativePRNGBlocking:SUN" is not available on Windows:
+ securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI, \
+ NativePRNGBlocking:SUN
The availability of "securerandom.strongAlgorithms" property depends on
the enabled security providers, and the platform. If "SunMSCAPI"
provider is not enabled, the "Windows-PRNG:SunMSCAPI" will not work. I
think "NativePRNGBlocking:SUN" is not available on Windows system. It is
not as obviously as that the "Windows-PRNG:SunMSCAPI" is not available
on Unix/Linux/Mac OS systems. We need to documentation this behaviors
clear somewhere else.
P11SecureRandom.java
-------------------------------------
3-1: to support strong algorithm in PKCS11 [P4]
Is SHA1PRNG:SunPKCS11 a strong algorithm? I think it would be nice to
add it as a backup in the strong algorithm property.
SeedGenerator.java
-------------------------------------
4-1: downgrade normative reference to java security property file [P3]
[line 57-60] As you have already there, I would suggest to use the new
style of security property. See
http://hg.openjdk.java.net/jdk8/tl/jdk/rev/346c0af4af41 and the
description from SeanM,
http://mail.openjdk.java.net/pipermail/security-dev/2012-December/006144.html.
line 57-60:
- * accomplished by setting the value of the "securerandom.source"
- * Security property (in the Java security properties file) to a URL
- * specifying the location of the entropy gathering device, or by setting
- * the "java.security.egd" System property.
+ * accomplished by setting the value of the
+ * {@code securerandom.source} security property to a URL
+ * specifying the location of the entropy gathering device, or by setting
+ * the {@code java.security.egd} System property.
SunEntries.java
-------------------------------------
5-1: what's the usage of "NativePRNGNonBlocking"? [P2]
+ if (NativePRNG.NonBlocking.isAvailable()) {
+ map.put("SecureRandom.NativePRNGNonBlocking",
+ "sun.security.provider.NativePRNG$NonBlocking");
+ }
I did not find the description of this algorithm in the specification
(CCC) or other export documentation. Do you want to add it to Oracle
provider names doc? Otherwise, I would suggest to comment out this
algorithm. The above would set a external SecureRandom algorithm, I think.
sun/security/provider/NativePRNG.java
-------------------------------------
6-1: line 36-42, wordsmithing. [P3]
"It obtains seed and random numbers by reading system files such as
the special device files /dev/random and /dev/urandom. This
implementation respects the {@code securerandom.source} security
property and {@code java.security.egd} system property
for obtaining seed material. If the file
specified by the properties does not exist, /dev/random is the
default seed source, and /dev/urandom is the default source of
random numbers."
6-2: Do you want to put something here? [P4]
321 // XXX change the urandom/random to seed/next
src/windows/classes/sun/security/provider/NativeSeedGenerator.java
-------------------------------------
7-1: Not about this fix, but the code looks strange to me. [P4]
The constructor calls:
44 super();
The SeedGenerator static block will be called and SeedGenerator.instance
will be initialized.
According to the code in SeedGenerator.java:
145 static public void generateSeed(byte[] result) {
146 instance.getSeedBytes(result);
147 }
The getSeedBytes() method of the initialized instance will be used.
However, in Windows platform, I think the
NativeSeedGenerator.getSeedBytes() should be called, I think.
I think the NativeSeedGenerator class should override the generateSeed()
method. About the super() call in NativeSeedGenerator, I think the
initialization of instance (line 92-142, SeedGenerator.java) may be not
necessary. The initialized instance in SeedGenerator is useless in
Windows from my understand. Am I missing something?
Otherwise, looks fine to me.
Xuelei
On 1/11/2013 8:24 AM, Brad Wetmore wrote:
> Minor tweak. It occurred to me that people might use "." as separators
> (for example using some OIDs scheme), so I changed the syntax slightly
> of the system property to use ":" instead.
>
> For example:
>
> # This is a comma-separated list of algorithm and/or algorithm:provider
> # entries.
> #
> securerandom.strongAlgorithms=NativePRNGBlocking:SUN,
> SP800-90A/AES/CTR:IBMJDK
>
> Latest is now webrev.04.
>
> http://cr.openjdk.java.net/~wetmore/6425477/
>
> Brad
>
>
>
More information about the security-dev
mailing list