Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

Sean Mullan sean.mullan at oracle.com
Tue Dec 15 22:19:31 UTC 2015


On 12/15/2015 03:09 AM, Wang Weijun wrote:
> Good.
>
> But the builder will not provide default values so you will see
>
>    new DrbgParameters.Builder().build().getAlgorithm() == null
>
> which means the getters still return requested values.

That's fine, this is no different than what the current class does.

--Sean

> In this case, the algorithm will only be known after it is used for a specific DRBG, for example, SHA-256 for HashDRBG, and AES-256 for CtrDRBG.
>
> --Max
>
>> On Dec 15, 2015, at 12:05 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> The DrbgParameters class has 7 parameters, most of which are optional. A typical use case might involve lots of null parameters:
>>
>> DrbgParameters params = new DrbgParameters(null, null, 256, false, false, nonce, null);
>>
>> That seems awkward, and you have be overly careful to map the right value to each parameter.
>>
>> I think this is a case where a DrbgParameters.Builder would be very useful.
>>
>> --Sean
>


More information about the security-dev mailing list