Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8229521

Need clarification on default algorithm for new SecureRandom()

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Open
    • Priority: P4
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:
      None

      Description

      Current javadoc for java.security.SecureRandom class states that when new SecureRandom() is called, it'll:
      -------------------
      Constructs a secure random number generator (RNG) implementing the default random number algorithm.

      This constructor traverses the list of registered security Providers, starting with the most preferred Provider. A new SecureRandom object encapsulating the SecureRandomSpi implementation from the first Provider that supports a SecureRandom (RNG) algorithm is returned. If none of the Providers support a RNG algorithm, then an implementation-specific default is returned.
      -------------------
      However, it didn't state what happens when a provider supports multiple algorithms of RNG, which one would be used.

      Among default JDK providers, SUN provider is the only one which supports multiple SecureRandom algorithms. Prior to JDK-7092821, the SUN provider returns SecureRandom services in certain ordering. However, this "ordering" approach maybe fragile and obscure. We should consider a public mechanism such as a "SecureRandom.DEFAULT" alias or maybe attributes so java.security.SecureRandom class can quickly locate the default RNG impl as it iterate through providers.

      Without this public mechanism, SecureRandom class iterates
      through providers, retrieve all its supported services and use the first SecureRandom service it finds except for SUN provider whose default is indicated by SunEntries.DEF_SECURE_RANDOM_ALGO (see https://bugs.openjdk.java.net/browse/JDK-8228613).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              valeriep Valerie Peng
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: