java.security.DrbgParameters Java Examples
The following examples show how to use
java.security.DrbgParameters.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ApiTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
private static void runForEachAlg(String mech, String alg)
throws Exception {
for (int strength : new int[]{-1, 0, 1, 223, 224,
192, 255, 256}) {
for (Capability cp : Capability.values()) {
for (byte[] pr : new byte[][]{null, new byte[]{},
"personal".getBytes()}) {
SecureRandomParameters param
= DrbgParameters.instantiation(strength, cp, pr);
runForEachParam(mech, alg, param);
}
}
}
}
Example #2
| Source File: Drbg.java From demo-java-x with MIT License | 5 votes |
|
public static void main(String[] args) throws NoSuchAlgorithmException {
Instantiation instantiation = DrbgParameters.instantiation(128, RESEED_ONLY, null);
SecureRandom random = SecureRandom.getInstance("DRBG", instantiation);
byte[] bytes = new byte[20];
random.nextBytes(bytes);
for (byte b : bytes) {
System.out.print(b + " ");
}
System.out.println();
}
Example #3
| Source File: DrbgParametersSpec.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String args[]) throws Exception {
byte[] p, np1, np2;
// Capability
Asserts.assertTrue(PR_AND_RESEED.supportsPredictionResistance());
Asserts.assertTrue(PR_AND_RESEED.supportsReseeding());
Asserts.assertFalse(RESEED_ONLY.supportsPredictionResistance());
Asserts.assertTrue(RESEED_ONLY.supportsReseeding());
Asserts.assertFalse(NONE.supportsPredictionResistance());
Asserts.assertFalse(NONE.supportsReseeding());
// Instantiation
p = "Instantiation".getBytes();
DrbgParameters.Instantiation ins = DrbgParameters
.instantiation(192, RESEED_ONLY, p);
Asserts.assertTrue(ins.getStrength() == 192);
Asserts.assertTrue(ins.getCapability() == RESEED_ONLY);
np1 = ins.getPersonalizationString();
np2 = ins.getPersonalizationString();
// Getter outputs have same content but not the same object
Asserts.assertTrue(Arrays.equals(np1, p));
Asserts.assertTrue(Arrays.equals(np2, p));
Asserts.assertNE(np1, np2);
// Changes to original input has no affect on object
p[0] = 'X';
np2 = ins.getPersonalizationString();
Asserts.assertTrue(Arrays.equals(np1, np2));
ins = DrbgParameters.instantiation(-1, NONE, null);
Asserts.assertNull(ins.getPersonalizationString());
iae(() -> DrbgParameters.instantiation(-2, NONE, null));
npe(() -> DrbgParameters.instantiation(-1, null, null));
// NextBytes
p = "NextBytes".getBytes();
DrbgParameters.NextBytes nb = DrbgParameters
.nextBytes(192, true, p);
Asserts.assertTrue(nb.getStrength() == 192);
Asserts.assertTrue(nb.getPredictionResistance());
np1 = nb.getAdditionalInput();
np2 = nb.getAdditionalInput();
// Getter outputs have same content but not the same object
Asserts.assertTrue(Arrays.equals(np1, p));
Asserts.assertTrue(Arrays.equals(np2, p));
Asserts.assertNE(np1, np2);
// Changes to original input has no affect on object
p[0] = 'X';
np2 = nb.getAdditionalInput();
Asserts.assertTrue(Arrays.equals(np1, np2));
iae(() -> DrbgParameters.nextBytes(-2, false, null));
// Reseed
p = "Reseed".getBytes();
DrbgParameters.Reseed rs = DrbgParameters
.reseed(true, p);
Asserts.assertTrue(rs.getPredictionResistance());
np1 = rs.getAdditionalInput();
np2 = rs.getAdditionalInput();
// Getter outputs have same content but not the same object
Asserts.assertTrue(Arrays.equals(np1, p));
Asserts.assertTrue(Arrays.equals(np2, p));
Asserts.assertNE(np1, np2);
// Changes to original input has no affect on object
p[0] = 'X';
np2 = rs.getAdditionalInput();
Asserts.assertTrue(Arrays.equals(np1, np2));
}
Example #4
| Source File: GetInstanceTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
private static boolean isValidDRBGParam(SecureRandomParameters param) {
return (param instanceof DrbgParameters.Instantiation);
}
Example #5
| Source File: ApiTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
/**
* Test a possible set of SecureRandom API for a SecureRandom instance.
* @param random SecureRandom instance
* @param mech Mechanism used to create SecureRandom instance
*/
private static void verifyAPI(SecureRandom random, String mech)
throws Exception {
System.out.printf("%nTest SecureRandom mechanism: %s for provider: %s",
mech, random.getProvider().getName());
byte[] output = new byte[2];
// Generate random number.
random.nextBytes(output);
// Seed the SecureRandom with a generated seed value of lesser size.
byte[] seed = random.generateSeed(1);
random.setSeed(seed);
random.nextBytes(output);
// Seed the SecureRandom with a fixed seed value.
random.setSeed(SEED);
random.nextBytes(output);
// Seed the SecureRandom with a larger seed value.
seed = random.generateSeed(128);
random.setSeed(seed);
random.nextBytes(output);
// Additional operation only supported for DRBG based SecureRandom.
// Execute the code block and expect to pass for DRBG. If it will fail
// then it should fail with specified exception type. Else the case
// will be considered as a test case failure.
matchExc(() -> {
random.reseed();
random.nextBytes(output);
},
isDRBG(mech),
UnsupportedOperationException.class,
String.format("PASS - Unsupported reseed() method for "
+ "SecureRandom Algorithm %s ", mech));
matchExc(() -> {
random.reseed(DrbgParameters.reseed(false, new byte[]{}));
random.nextBytes(output);
},
isDRBG(mech),
UnsupportedOperationException.class,
String.format("PASS - Unsupported reseed(param) method for "
+ "SecureRandom Algorithm %s ", mech));
matchExc(() -> {
random.reseed(DrbgParameters.reseed(true, new byte[]{}));
random.nextBytes(output);
},
isDRBG(mech),
!isSupportPR(mech, random) ? IllegalArgumentException.class
: UnsupportedOperationException.class,
String.format("PASS - Unsupported or illegal reseed(param) "
+ "method for SecureRandom Algorithm %s ", mech));
matchExc(() -> random.nextBytes(output,
DrbgParameters.nextBytes(-1, false, new byte[]{})),
isDRBG(mech),
UnsupportedOperationException.class,
String.format("PASS - Unsupported nextBytes(out, nextByteParam)"
+ " method for SecureRandom Algorithm %s ", mech));
matchExc(() -> random.nextBytes(output,
DrbgParameters.nextBytes(-1, true, new byte[]{})),
isDRBG(mech),
!isSupportPR(mech, random) ? IllegalArgumentException.class
: UnsupportedOperationException.class,
String.format("PASS - Unsupported or illegal "
+ "nextBytes(out, nextByteParam) method for "
+ "SecureRandom Algorithm %s ", mech));
matchExc(() -> {
random.reseed(null);
random.nextBytes(output);
},
!SHOULD_PASS,
IllegalArgumentException.class,
"PASS - Test is expected to fail when parameter for reseed() "
+ "is null");
matchExc(() -> random.nextBytes(output, null),
!SHOULD_PASS,
IllegalArgumentException.class,
"PASS - Test is expected to fail when parameter for nextBytes()"
+ " is null");
}
Example #6
| Source File: CommonSeeder.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
byte[] result = new byte[10];
MyES es = new MyES();
// Set es as the default entropy source, overriding SeedGenerator.
setDefaultSeeder(es);
// Nothing happened yet
es.checkUsage(0);
SecureRandom sr;
sr = SecureRandom.getInstance("DRBG");
// No entropy reading if only getInstance
es.checkUsage(0);
// Entropy is read at 1st nextBytes of the 1st DRBG
sr.nextInt();
es.checkUsage(1);
for (String mech : new String[]{"Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
System.out.println("Testing " + mech + "...");
// DRBG with pr_false will never read entropy again no matter
// if nextBytes or reseed is called.
Security.setProperty("securerandom.drbg.config", mech);
sr = SecureRandom.getInstance("DRBG");
sr.nextInt();
sr.reseed();
es.checkUsage(0);
// DRBG with pr_true always read from default entropy, and
// its nextBytes always reseed itself
Security.setProperty("securerandom.drbg.config",
mech + ",pr_and_reseed");
sr = SecureRandom.getInstance("DRBG");
sr.nextInt();
es.checkUsage(2); // one instantiate, one reseed
sr.nextInt();
es.checkUsage(1); // one reseed in nextBytes
sr.reseed();
es.checkUsage(1); // one reseed
sr.nextBytes(result, DrbgParameters.nextBytes(-1, false, null));
es.checkUsage(0); // pr_false for this call
sr.nextBytes(result, DrbgParameters.nextBytes(-1, true, null));
es.checkUsage(1); // pr_true for this call
sr.reseed(DrbgParameters.reseed(true, null));
es.checkUsage(1); // reseed from es
sr.reseed(DrbgParameters.reseed(false, null));
es.checkUsage(0); // reseed from AbstractDrbg.SeederHolder.seeder
}
}
Example #7
| Source File: DRBGAlg.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
check(null, "Hash_DRBG", "SHA-256", "reseed_only", ",128");
check("", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
check("sha-256", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
check("SHA-3");
check("hash_drbg", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
check("hmac_drbg", "HMAC_DRBG", "SHA-256", "reseed_only", ",128");
check("ctr_drbg", "CTR_DRBG", "AES-", "reseed_only", ",128", "use_df");
// trying all permutations
checkPermutations(
Collections.emptyList(),
Arrays.asList("hash_drbg","sha-512","Pr_and_Reseed","192"),
"Hash_DRBG", "SHA-512", "pr_and_reseed", ",192");
check("Hash_DRBG,Hmac_DRBG");
check("SHA-224,SHA-256");
check("128,256");
check("none,reseed_only");
check("use_df,no_df");
check("Hash_DRBG,,SHA-256");
check(null, DrbgParameters.instantiation(112, PR_AND_RESEED, null),
"Hash_DRBG", "SHA-256", "pr_and_reseed", ",112");
check(null, DrbgParameters.instantiation(256, PR_AND_RESEED, null),
"Hash_DRBG", "SHA-256", "pr_and_reseed", ",256");
check(null, DrbgParameters.instantiation(384, PR_AND_RESEED, null));
check("sha-224", DrbgParameters.instantiation(112, PR_AND_RESEED, null),
"Hash_DRBG", "SHA-224", "pr_and_reseed", ",112");
check("sha-224", DrbgParameters.instantiation(256, PR_AND_RESEED, null));
check("hash_drbg,sha-512,Pr_and_Reseed,192",
DrbgParameters.instantiation(112, NONE, null),
"Hash_DRBG", "SHA-512", "reseed_only", ",112");
check("hash_drbg,sha-512,Pr_and_Reseed,192",
DrbgParameters.instantiation(-1, NONE, null),
"Hash_DRBG", "SHA-512", "reseed_only", ",192");
// getInstance params can be stronger than definition
check("hash_drbg,sha-256,None,112",
DrbgParameters.instantiation(192, PR_AND_RESEED, null),
"Hash_DRBG", "SHA-256", "pr_and_reseed", ",192");
check("hash_drbg,sha-224", new MoreDrbgParameters(
null, null, "sha-512", null, false,
DrbgParameters.instantiation(-1, NONE, null)),
"Hash_DRBG", "SHA-512");
check("hash_drbg,sha-224", new MoreDrbgParameters(
null, null, null, null, false,
DrbgParameters.instantiation(-1, NONE, null)),
"Hash_DRBG", "SHA-224");
check("hash_drbg", new MoreDrbgParameters(
null, "hmac_drbg", null, null, false,
DrbgParameters.instantiation(-1, NONE, null)),
"HMAC_DRBG", "SHA-256");
check("hash_drbg,sha-224", new MoreDrbgParameters(
null, null, "sha-3", null, false,
DrbgParameters.instantiation(-1, NONE, null)));
check("hash_drbg,sha-224", new MoreDrbgParameters(
null, "Unknown_DRBG", null, null, false,
DrbgParameters.instantiation(-1, NONE, null)));
}
Example #8
| Source File: MoreDrbgParameters.java From Bytecoder with Apache License 2.0 | 3 votes |
|
/**
* Creates a new {@code MoreDrbgParameters} object.
*
* @param es the {@link EntropySource} to use. If set to {@code null},
* a default entropy source will be used.
* @param mech mech name. If set to {@code null}, the one in
* securerandom.drbg.config is used. This argument is ignored
* when passing to HashDrbg/HmacDrbg/CtrDrbg.
* @param algorithm the requested algorithm to use. If set to {@code null},
* the algorithm will be decided by strength.
* @param nonce the nonce to use. If set to {@code null},
* a nonce will be assigned.
* @param usedf whether a derivation function should be used
* @param config a {@link DrbgParameters.Instantiation} object
*/
public MoreDrbgParameters(EntropySource es, String mech,
String algorithm, byte[] nonce, boolean usedf,
DrbgParameters.Instantiation config) {
this.mech = mech;
this.algorithm = algorithm;
this.es = es;
this.nonce = (nonce == null) ? null : nonce.clone();
this.usedf = usedf;
this.strength = config.getStrength();
this.capability = config.getCapability();
this.personalizationString = config.getPersonalizationString();
}
Example #9
| Source File: MoreDrbgParameters.java From openjdk-jdk9 with GNU General Public License v2.0 | 3 votes |
|
/**
* Creates a new {@code MoreDrbgParameters} object.
*
* @param es the {@link EntropySource} to use. If set to {@code null},
* a default entropy source will be used.
* @param mech mech name. If set to {@code null}, the one in
* securerandom.drbg.config is used. This argument is ignored
* when passing to HashDrbg/HmacDrbg/CtrDrbg.
* @param algorithm the requested algorithm to use. If set to {@code null},
* the algorithm will be decided by strength.
* @param nonce the nonce to use. If set to {@code null},
* a nonce will be assigned.
* @param usedf whether a derivation function should be used
* @param config a {@link DrbgParameters.Instantiation} object
*/
public MoreDrbgParameters(EntropySource es, String mech,
String algorithm, byte[] nonce, boolean usedf,
DrbgParameters.Instantiation config) {
this.mech = mech;
this.algorithm = algorithm;
this.es = es;
this.nonce = (nonce == null) ? null : nonce.clone();
this.usedf = usedf;
this.strength = config.getStrength();
this.capability = config.getCapability();
this.personalizationString = config.getPersonalizationString();
}
