|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.io.InputStream | +--cryptix.math.RandomStream | +--cryptix.math.PseudoRandomStream | +--cryptix.security.CSRandomStream | +--cryptix.pgp.FileRandomStream
A random stream that uses a seed file to provide an initial source of entropy. When the object is finalized, the seed file is updated (it can also be updated explicitly).
As well as the seed file, entropy is taken from the following possibly-unpredictable sources:
The GUI is a better source of entropy than some of these methods (especially for applets), but is not included here since Cryptix is non-GUI.
If neither SecureRandom nor /dev/random are available (i.e. Java 1.0.2 on most platforms other than Linux), the security of this may be a little suspect. We should really implement SecureRandom (and SeedGenerator) for Java 1.0.2.
SECURITY: in the previous version, this class could in theory be exploited by untrusted code to clobber the seed file (which can be any filename). This could be bad for certain OS or other configuration files, possibly leading to a more serious exploit.
This version includes a security check that the caller is allowed to write to the seed file.
Copyright © 1995-1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.1.1.1 $
Fields inherited from class cryptix.security.CSRandomStream |
sha |
Fields inherited from class cryptix.math.PseudoRandomStream |
buf, len, prng, ptr |
Constructor Summary | |
FileRandomStream()
Constructs a FileRandomStream with no seed file. |
|
FileRandomStream(java.io.File seed_file)
Constructs a FileRandomStream with the given seed file. |
Method Summary | |
void |
add(byte[] entropy)
Add some entropy to the generator. |
protected void |
finalize()
|
void |
init(java.io.File seed_file)
(Re-)initializes the generator. |
void |
readSeedFile()
Add entropy from the seed file. |
void |
updateSeedFile()
Update the seed file. |
Methods inherited from class cryptix.security.CSRandomStream |
nextBuffer, seed |
Methods inherited from class cryptix.math.PseudoRandomStream |
nextByte |
Methods inherited from class cryptix.math.RandomStream |
read, read, read, skip |
Methods inherited from class java.io.InputStream |
available, close, mark, markSupported, reset |
Methods inherited from class java.lang.Object |
|
Constructor Detail |
public FileRandomStream() throws java.io.IOException
public FileRandomStream(java.io.File seed_file) throws java.io.IOException
java.lang.SecurityException
- the current security manager's checkWrite
method is called with the absolute path of seed_file
(if it is non-null).Method Detail |
public void init(java.io.File seed_file) throws java.io.IOException
seed_file may be null if no seed file is to be used.
java.lang.SecurityException
- the current security manager's checkWrite
method is called with the absolute path of seed_file
(if it is non-null).protected void finalize()
finalize
in class java.lang.Object
public void add(byte[] entropy)
add
in class CSRandomStream
public void readSeedFile()
public void updateSeedFile() throws java.io.IOException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |