Date: Wed, 23 Apr 1997 11:54:06 -0700
From: David.Brownell@Eng (David Brownell -- JavaSoft)
Message-Id: <199704231854.LAA01902@argon.eng.sun.com>
To: java-security@web2.javasoft.com, jasperc@digicash.com
Subject: Re: provinding a SecureRandom class
> If I am not mistaking, the SecureRandom class does not use the provider
> structure, offered with the JSAPI.
It just uses normal subclassing ... no "get one of these objects as
provided by this named module" factory functionality is needed.
> Wouldn't users want to have their own
> provider create the random numbers for them? How can we provide our own
> SecureRandom class? Just built LocalSecureRandom, which inherits from
> SecureRandom?
Right, just subclass SecureRandom and provide the methods to generate
the primes yourself, using the same API. For example, maybe you want
more than the 160 bits of random state kept by SecureRandom, and you've
got some pseudo-random number generator that's seeded by a 1024 bit
pool of randomness coming from traffic noise and other sources.
> Furthermore, I could not find any support for a secure random prime
> generator in the JSAPI.
You can do this with the java.math.BigInteger package ...
Have a look at java.math.BigInteger:
byte seed [] = ... ;
Random prng = new SecureRandom (seed);
BigInteger prime = new BigInteger (1024, 20, prng);
The code snippet above generates a new 1024 bit prime. The certainty
factor allows a 1/(2^20) chance that it's not really prime.
- Dave