cryptix.pgp
Class FileRandomStream

java.lang.Object
  |
  +--java.io.InputStream
        |
        +--cryptix.math.RandomStream
              |
              +--cryptix.math.PseudoRandomStream
                    |
                    +--cryptix.security.CSRandomStream
                          |
                          +--cryptix.pgp.FileRandomStream

public class FileRandomStream
extends CSRandomStream

A random stream that uses a seed file to provide an initial source of entropy. When the object is finalized, the seed file is updated (it can also be updated explicitly).

As well as the seed file, entropy is taken from the following possibly-unpredictable sources:

The GUI is a better source of entropy than some of these methods (especially for applets), but is not included here since Cryptix is non-GUI.

If neither SecureRandom nor /dev/random are available (i.e. Java 1.0.2 on most platforms other than Linux), the security of this may be a little suspect. We should really implement SecureRandom (and SeedGenerator) for Java 1.0.2.

SECURITY: in the previous version, this class could in theory be exploited by untrusted code to clobber the seed file (which can be any filename). This could be bad for certain OS or other configuration files, possibly leading to a more serious exploit.

This version includes a security check that the caller is allowed to write to the seed file.

Copyright © 1995-1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.1.1.1 $

Since:
Cryptix 2.2 or earlier
Author:
original author unknown, David Hopwood

Fields inherited from class cryptix.security.CSRandomStream
sha
 
Fields inherited from class cryptix.math.PseudoRandomStream
buf, len, prng, ptr
 
Constructor Summary
FileRandomStream()
          Constructs a FileRandomStream with no seed file.
FileRandomStream(java.io.File seed_file)
          Constructs a FileRandomStream with the given seed file.
 
Method Summary
 void add(byte[] entropy)
          Add some entropy to the generator.
protected  void finalize()
           
 void init(java.io.File seed_file)
          (Re-)initializes the generator.
 void readSeedFile()
          Add entropy from the seed file.
 void updateSeedFile()
          Update the seed file.
 
Methods inherited from class cryptix.security.CSRandomStream
nextBuffer, seed
 
Methods inherited from class cryptix.math.PseudoRandomStream
nextByte
 
Methods inherited from class cryptix.math.RandomStream
read, read, read, skip
 
Methods inherited from class java.io.InputStream
available, close, mark, markSupported, reset
 
Methods inherited from class java.lang.Object
, clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

FileRandomStream

public FileRandomStream()
                 throws java.io.IOException
Constructs a FileRandomStream with no seed file.

FileRandomStream

public FileRandomStream(java.io.File seed_file)
                 throws java.io.IOException
Constructs a FileRandomStream with the given seed file.
Throws:
java.lang.SecurityException - the current security manager's checkWrite method is called with the absolute path of seed_file (if it is non-null).
Method Detail

init

public void init(java.io.File seed_file)
          throws java.io.IOException
(Re-)initializes the generator. This will attempt to gather somewhat-unpredictable input from various sources, in addition to the seed file.

seed_file may be null if no seed file is to be used.

Throws:
java.lang.SecurityException - the current security manager's checkWrite method is called with the absolute path of seed_file (if it is non-null).

finalize

protected void finalize()
Overrides:
finalize in class java.lang.Object

add

public void add(byte[] entropy)
Add some entropy to the generator.
Overrides:
add in class CSRandomStream

readSeedFile

public void readSeedFile()
Add entropy from the seed file.

updateSeedFile

public void updateSeedFile()
                    throws java.io.IOException
Update the seed file.