java.lang.Object
java.io.InputStream
cryptix.math.RandomStream
cryptix.math.PseudoRandomStream
cryptix.security.CSRandomStream
cryptix.pgp.FileRandomStream
A random stream that uses a seed file to provide an initial source of entropy. When the object is finalized, the seed file is updated (it can also be updated explicitly).
As well as the seed file, entropy is taken from the following possibly-unpredictable sources:
The GUI is a better source of entropy than some of these methods (especially for applets), but is not included here since Cryptix is non-GUI.
If neither SecureRandom nor /dev/random is available (i.e. Java 1.0.2 on most platforms other than Linux), the security of this class may be a little suspect. We should really implement SecureRandom (and SeedGenerator) for Java 1.0.2.
SECURITY: in the previous version, this class could in theory be exploited by untrusted code to clobber the seed file (which can be any filename). This could be bad for certain OS or other configuration files, possibly leading to a more serious exploit.
This version includes a security check that the caller is allowed to write to the seed file.
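The caller-permission check described above, as an added Java example (not Cryptix source). The class name SeedFileHolder and its members are hypothetical, and it uses the legacy java.lang.SecurityManager API that this page refers to, which is deprecated in current JDKs.

```java
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.SecureRandom;

/** Hypothetical class for illustration; not part of Cryptix. */
public class SeedFileHolder {
    private final File seedFile;                 // null means "no seed file"
    private final SecureRandom rng = new SecureRandom();

    public SeedFileHolder(File seedFile) {
        if (seedFile != null) {
            // Check at the moment the file is named, while the (possibly
            // untrusted) caller is still on the call stack. A later write
            // from finalize() runs on the finalizer thread, where that
            // caller is no longer visible to the security manager.
            SecurityManager sm = System.getSecurityManager();
            if (sm != null) {
                // Throws SecurityException if the caller may not write here.
                sm.checkWrite(seedFile.getAbsolutePath());
            }
        }
        this.seedFile = seedFile;
    }

    /** Overwrites the seed file; only reachable for a path that passed the check. */
    public void updateSeedFile() throws IOException {
        if (seedFile == null) {
            return;
        }
        byte[] state = new byte[20];
        rng.nextBytes(state);
        try (FileOutputStream out = new FileOutputStream(seedFile)) {
            out.write(state);
        }
    }

    public static void main(String[] args) throws IOException {
        File f = File.createTempFile("seed", ".bin"); // constructed sample path
        SeedFileHolder holder = new SeedFileHolder(f);
        holder.updateSeedFile();
        System.out.println("seed bytes written: " + f.length());
        f.delete();
    }
}
```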
Copyright © 1995-1997 Systemics Ltd on behalf of the Cryptix Development Team. All rights reserved.
$Revision: 1.1.1.1 $
Field Summary
Fields inherited from class cryptix.security.CSRandomStream
    sha
Fields inherited from class cryptix.math.PseudoRandomStream
    buf, len, prng, ptr
Constructor Summary
FileRandomStream()
    Constructs a FileRandomStream with no seed file.
FileRandomStream(java.io.File seed_file)
    Constructs a FileRandomStream with the given seed file.
Method Summary
void add(byte[] entropy)
    Add some entropy to the generator.
protected void finalize()
void init(java.io.File seed_file)
    (Re-)initializes the generator.
void readSeedFile()
    Add entropy from the seed file.
void updateSeedFile()
    Update the seed file.
Methods inherited from class cryptix.security.CSRandomStream
    nextBuffer, seed
Methods inherited from class cryptix.math.PseudoRandomStream
    nextByte
Methods inherited from class cryptix.math.RandomStream
    read, read, read, skip
Methods inherited from class java.io.InputStream
    available, close, mark, markSupported, reset
Methods inherited from class java.lang.Object
    clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Constructor Detail
public FileRandomStream() throws java.io.IOException
public FileRandomStream(java.io.File seed_file) throws java.io.IOException
    Throws:
    java.lang.SecurityException - the current security manager's checkWrite method is called with the absolute path of seed_file (if it is non-null).
    java.io.IOException
Method Detail
public void init(java.io.File seed_file) throws java.io.IOException
    seed_file may be null if no seed file is to be used.
    Throws:
    java.lang.SecurityException - the current security manager's checkWrite method is called with the absolute path of seed_file (if it is non-null).
    java.io.IOException
protected void finalize()
public void add(byte[] entropy)
    Overrides:
    add in class CSRandomStream
public void readSeedFile()
public void updateSeedFile() throws java.io.IOException
    Throws:
    java.io.IOException