Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

Wang Weijun weijun.wang at oracle.com
Tue Dec 15 08:09:51 UTC 2015


Good.

But the builder will not provide default values so you will see

  new DrbgParameters.Builder().build().getAlgorithm() == null

which means the getters still return requested values.

In this case, the algorithm will only be known after it is used for a specific DRBG, for example, SHA-256 for HashDRBG, and AES-256 for CtrDRBG.

--Max

> On Dec 15, 2015, at 12:05 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> The DrbgParameters class has 7 parameters, most of which are optional. A typical use case might involve lots of null parameters:
> 
> DrbgParameters params = new DrbgParameters(null, null, 256, false, false, nonce, null);
> 
> That seems awkward, and you have be overly careful to map the right value to each parameter.
> 
> I think this is a case where a DrbgParameters.Builder would be very useful.
> 
> --Sean



More information about the security-dev mailing list