- java.lang.Object
-
- java.util.Random
-
- java.security.SecureRandom
-
- All Implemented Interfaces:
- Serializable
public class SecureRandom extends Random
This class provides a cryptographically strong random number generator (RNG).A cryptographically strong random number minimally complies with the statistical random number generator tests specified in FIPS 140-2, Security Requirements for Cryptographic Modules, section 4.9.1. Additionally, SecureRandom must produce non-deterministic output. Therefore any seed material passed to a SecureRandom object must be unpredictable, and all SecureRandom output sequences must be cryptographically strong, as described in RFC 1750: Randomness Recommendations for Security.
A caller obtains a SecureRandom instance via the no-argument constructor or one of the
getInstance
methods:SecureRandom random = new SecureRandom();
Many SecureRandom implementations are in the form of a pseudo-random number generator (PRNG), which means they use a deterministic algorithm to produce a pseudo-random sequence from a true random seed. Other implementations may produce true random numbers, and yet others may use a combination of both techniques.
Typical callers of SecureRandom invoke the following methods to retrieve random bytes:
SecureRandom random = new SecureRandom(); byte bytes[] = new byte[20]; random.nextBytes(bytes);
Callers may also invoke the
generateSeed
method to generate a given number of seed bytes (to seed other random number generators, for example):byte seed[] = random.generateSeed(20);
Note: Depending on the implementation, thegenerateSeed
andnextBytes
methods may block as entropy is being gathered, for example, if they need to read from /dev/random on various unix-like operating systems.- See Also:
SecureRandomSpi
,Random
, Serialized Form
-
-
Constructor Summary
Constructors Modifier Constructor and Description SecureRandom()
Constructs a secure random number generator (RNG) implementing the default random number algorithm.SecureRandom(byte[] seed)
Constructs a secure random number generator (RNG) implementing the default random number algorithm.protected
SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider)
Creates a SecureRandom object.
-
Method Summary
Methods Modifier and Type Method and Description byte[]
generateSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself.String
getAlgorithm()
Returns the name of the algorithm implemented by this SecureRandom object.static SecureRandom
getInstance(String algorithm)
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.static SecureRandom
getInstance(String algorithm, Provider provider)
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.static SecureRandom
getInstance(String algorithm, String provider)
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.Provider
getProvider()
Returns the provider of this SecureRandom object.static byte[]
getSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself.protected int
next(int numBits)
Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros).void
nextBytes(byte[] bytes)
Generates a user-specified number of random bytes.void
setSeed(byte[] seed)
Reseeds this random object.void
setSeed(long seed)
Reseeds this random object, using the eight bytes contained in the givenlong seed
.-
Methods inherited from class java.util.Random
nextBoolean, nextDouble, nextFloat, nextGaussian, nextInt, nextInt, nextLong
-
-
-
-
Constructor Detail
-
SecureRandom
public SecureRandom()
Constructs a secure random number generator (RNG) implementing the default random number algorithm.This constructor traverses the list of registered security Providers, starting with the most preferred Provider. A new SecureRandom object encapsulating the SecureRandomSpi implementation from the first Provider that supports a SecureRandom (RNG) algorithm is returned. If none of the Providers support a RNG algorithm, then an implementation-specific default is returned.
Note that the list of registered providers may be retrieved via the
Security.getProviders()
method.See the SecureRandom section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard RNG algorithm names.
The returned SecureRandom object has not been seeded. To seed the returned object, call the
setSeed
method. IfsetSeed
is not called, the first call tonextBytes
will force the SecureRandom object to seed itself. This self-seeding will not occur ifsetSeed
was previously called.
-
SecureRandom
public SecureRandom(byte[] seed)
Constructs a secure random number generator (RNG) implementing the default random number algorithm. The SecureRandom instance is seeded with the specified seed bytes.This constructor traverses the list of registered security Providers, starting with the most preferred Provider. A new SecureRandom object encapsulating the SecureRandomSpi implementation from the first Provider that supports a SecureRandom (RNG) algorithm is returned. If none of the Providers support a RNG algorithm, then an implementation-specific default is returned.
Note that the list of registered providers may be retrieved via the
Security.getProviders()
method.See the SecureRandom section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard RNG algorithm names.
- Parameters:
seed
- the seed.
-
SecureRandom
protected SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider)
Creates a SecureRandom object.- Parameters:
secureRandomSpi
- the SecureRandom implementation.provider
- the provider.
-
-
Method Detail
-
getInstance
public static SecureRandom getInstance(String algorithm) throws NoSuchAlgorithmException
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.This method traverses the list of registered security Providers, starting with the most preferred Provider. A new SecureRandom object encapsulating the SecureRandomSpi implementation from the first Provider that supports the specified algorithm is returned.
Note that the list of registered providers may be retrieved via the
Security.getProviders()
method.The returned SecureRandom object has not been seeded. To seed the returned object, call the
setSeed
method. IfsetSeed
is not called, the first call tonextBytes
will force the SecureRandom object to seed itself. This self-seeding will not occur ifsetSeed
was previously called.- Parameters:
algorithm
- the name of the RNG algorithm. See the SecureRandom section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard RNG algorithm names.- Returns:
- the new SecureRandom object.
- Throws:
NoSuchAlgorithmException
- if no Provider supports a SecureRandomSpi implementation for the specified algorithm.- Since:
- 1.2
- See Also:
Provider
-
getInstance
public static SecureRandom getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.A new SecureRandom object encapsulating the SecureRandomSpi implementation from the specified provider is returned. The specified provider must be registered in the security provider list.
Note that the list of registered providers may be retrieved via the
Security.getProviders()
method.The returned SecureRandom object has not been seeded. To seed the returned object, call the
setSeed
method. IfsetSeed
is not called, the first call tonextBytes
will force the SecureRandom object to seed itself. This self-seeding will not occur ifsetSeed
was previously called.- Parameters:
algorithm
- the name of the RNG algorithm. See the SecureRandom section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard RNG algorithm names.provider
- the name of the provider.- Returns:
- the new SecureRandom object.
- Throws:
NoSuchAlgorithmException
- if a SecureRandomSpi implementation for the specified algorithm is not available from the specified provider.NoSuchProviderException
- if the specified provider is not registered in the security provider list.IllegalArgumentException
- if the provider name is null or empty.- Since:
- 1.2
- See Also:
Provider
-
getInstance
public static SecureRandom getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
Returns a SecureRandom object that implements the specified Random Number Generator (RNG) algorithm.A new SecureRandom object encapsulating the SecureRandomSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.
The returned SecureRandom object has not been seeded. To seed the returned object, call the
setSeed
method. IfsetSeed
is not called, the first call tonextBytes
will force the SecureRandom object to seed itself. This self-seeding will not occur ifsetSeed
was previously called.- Parameters:
algorithm
- the name of the RNG algorithm. See the SecureRandom section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard RNG algorithm names.provider
- the provider.- Returns:
- the new SecureRandom object.
- Throws:
NoSuchAlgorithmException
- if a SecureRandomSpi implementation for the specified algorithm is not available from the specified Provider object.IllegalArgumentException
- if the specified provider is null.- Since:
- 1.4
- See Also:
Provider
-
getProvider
public final Provider getProvider()
Returns the provider of this SecureRandom object.- Returns:
- the provider of this SecureRandom object.
-
getAlgorithm
public String getAlgorithm()
Returns the name of the algorithm implemented by this SecureRandom object.- Returns:
- the name of the algorithm or
unknown
if the algorithm name cannot be determined. - Since:
- 1.5
-
setSeed
public void setSeed(byte[] seed)
Reseeds this random object. The given seed supplements, rather than replaces, the existing seed. Thus, repeated calls are guaranteed never to reduce randomness.- Parameters:
seed
- the seed.- See Also:
getSeed(int)
-
setSeed
public void setSeed(long seed)
Reseeds this random object, using the eight bytes contained in the givenlong seed
. The given seed supplements, rather than replaces, the existing seed. Thus, repeated calls are guaranteed never to reduce randomness.This method is defined for compatibility with
java.util.Random
.- Overrides:
setSeed
in classRandom
- Parameters:
seed
- the seed.- See Also:
getSeed(int)
-
nextBytes
public void nextBytes(byte[] bytes)
Generates a user-specified number of random bytes.If a call to
setSeed
had not occurred previously, the first call to this method forces this SecureRandom object to seed itself. This self-seeding will not occur ifsetSeed
was previously called.
-
next
protected final int next(int numBits)
Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros). This method overrides ajava.util.Random
method, and serves to provide a source of random bits to all of the methods inherited from that class (for example,nextInt
,nextLong
, andnextFloat
).
-
getSeed
public static byte[] getSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. This call may be used to seed other random number generators.This method is only included for backwards compatibility. The caller is encouraged to use one of the alternative
getInstance
methods to obtain a SecureRandom object, and then call thegenerateSeed
method to obtain seed bytes from that object.- Parameters:
numBytes
- the number of seed bytes to generate.- Returns:
- the seed bytes.
- See Also:
setSeed(byte[])
-
generateSeed
public byte[] generateSeed(int numBytes)
Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. This call may be used to seed other random number generators.- Parameters:
numBytes
- the number of seed bytes to generate.- Returns:
- the seed bytes.
-
-
Traduction non disponible
Les API Java ne sont pas encore traduites en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.
Version en cache
21/11/2024 22:03:24 Cette version de la page est en cache (à la date du 21/11/2024 22:03:24) afin d'accélérer le traitement. Vous pouvez activer le mode utilisateur dans le menu en haut pour afficher la dernère version de la page.Document créé le 29/08/2006, dernière modification le 04/03/2020
Source du document imprimé : https://www.gaudry.be/java-api-rf-java/security/securerandom.html
L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.
Références
Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.