Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

Wang Weijun at
Tue Dec 15 08:09:51 UTC 2015


But the builder will not provide default values so you will see

  new DrbgParameters.Builder().build().getAlgorithm() == null

which means the getters still return requested values.

In this case, the algorithm will only be known after it is used for a specific DRBG, for example, SHA-256 for HashDRBG, and AES-256 for CtrDRBG.


> On Dec 15, 2015, at 12:05 AM, Sean Mullan <sean.mullan at> wrote:
> The DrbgParameters class has 7 parameters, most of which are optional. A typical use case might involve lots of null parameters:
> DrbgParameters params = new DrbgParameters(null, null, 256, false, false, nonce, null);
> That seems awkward, and you have be overly careful to map the right value to each parameter.
> I think this is a case where a DrbgParameters.Builder would be very useful.
> --Sean

More information about the security-dev mailing list