8025694: Rename getStrongSecureRandom based on feedback
8014838: getStrongSecureRandom() should require at least one implementation
Reviewed-by: mullan, darcy
--- a/jdk/src/share/classes/java/security/SecureRandom.java Tue Oct 01 17:48:01 2013 +0200
+++ b/jdk/src/share/classes/java/security/SecureRandom.java Wed Oct 02 09:38:57 2013 -0700
@@ -578,39 +578,30 @@
/**
* Returns a {@code SecureRandom} object that was selected by using
* the algorithms/providers specified in the {@code
- * securerandom.strongAlgorithms} Security property.
+ * securerandom.strongAlgorithms} {@link Security} property.
* <p>
* Some situations require strong random values, such as when
* creating high-value/long-lived secrets like RSA public/private
* keys. To help guide applications in selecting a suitable strong
- * {@code SecureRandom} implementation, Java distributions should
+ * {@code SecureRandom} implementation, Java distributions
* include a list of known strong {@code SecureRandom}
* implementations in the {@code securerandom.strongAlgorithms}
* Security property.
- *
- * <pre>
- * SecureRandom sr = SecureRandom.getStrongSecureRandom();
- *
- * if (sr == null) {
- * // Decide if this is a problem, and whether to recover.
- * sr = new SecureRandom();
- * if (!goodEnough(sr)) {
- * return;
- * }
- * }
- *
- * keyPairGenerator.initialize(2048, sr);
- * </pre>
+ * <p>
+ * Every implementation of the Java platform is required to
+ * support at least one strong {@code SecureRandom} implementation.
*
* @return a strong {@code SecureRandom} implementation as indicated
- * by the {@code securerandom.strongAlgorithms} Security property, or
- * null if none are available.
+ * by the {@code securerandom.strongAlgorithms} Security property
+ *
+ * @throws NoSuchAlgorithmException if no algorithm is available
*
* @see Security#getProperty(String)
*
* @since 1.8
*/
- public static SecureRandom getStrongSecureRandom() {
+ public static SecureRandom getInstanceStrong()
+ throws NoSuchAlgorithmException {
String property = AccessController.doPrivileged(
new PrivilegedAction<String>() {
@@ -622,7 +613,8 @@
});
if ((property == null) || (property.length() == 0)) {
- return null;
+ throw new NoSuchAlgorithmException(
+ "Null/empty securerandom.strongAlgorithms Security Property");
}
String remainder = property;
@@ -649,7 +641,8 @@
}
}
- return null;
+ throw new NoSuchAlgorithmException(
+ "No strong SecureRandom impls available: " + property);
}
// Declare serialVersionUID to be compatible with JDK1.1
--- a/jdk/src/share/lib/security/java.security-windows Tue Oct 01 17:48:01 2013 +0200
+++ b/jdk/src/share/lib/security/java.security-windows Wed Oct 02 09:38:57 2013 -0700
@@ -127,7 +127,7 @@
# This is a comma-separated list of algorithm and/or algorithm:provider
# entries.
#
-securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI
+securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN
#
# Class to instantiate as the javax.security.auth.login.Configuration
--- a/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java Tue Oct 01 17:48:01 2013 +0200
+++ b/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java Wed Oct 02 09:38:57 2013 -0700
@@ -120,7 +120,14 @@
private static void testStrongInstance(boolean expected) throws Exception {
- boolean result = (SecureRandom.getStrongSecureRandom() != null);
+ boolean result;
+
+ try {
+ SecureRandom.getInstanceStrong();
+ result = true;
+ } catch (NoSuchAlgorithmException e) {
+ result = false;
+ }
if (expected != result) {
throw new Exception("Received: " + result);