All Packages Class Hierarchy This Package Previous Next Index
Class cryptix.pgp.FileRandomStream
java.lang.Object
|
+----java.io.InputStream
|
+----cryptix.math.RandomStream
|
+----cryptix.math.PseudoRandomStream
|
+----cryptix.security.CSRandomStream
|
+----cryptix.pgp.FileRandomStream
- public class FileRandomStream
- extends CSRandomStream
A random stream that uses a seed file to provide an initial source of
entropy. When the object is finalized, the seed file is updated (it can
also be updated explicitly).
As well as the seed file, entropy is taken from the following
possibly-unpredictable sources:
- a stack trace for the current method,
- the current time in milliseconds,
- the times (in milliseconds) taken to do a garbage collection and a
finalization,
- 20 bytes generated from new SecureRandom(), if available (i.e.
on Java 1.1 only),
- the System properties (or if they cannot be read, some properties
accessible to applets),
- the IP address(es) of localhost,
- listings of the directories ".", "..", "/", "/tmp", "/temp" and
user.home, if available.
- 20 bytes from /dev/random, if it exists and can be read.
The GUI is a better source of entropy than some of these methods
(especially for applets), but is not included here since Cryptix is
non-GUI.
If neither SecureRandom nor /dev/random are available (i.e. Java 1.0.2
on most platforms other than Linux), the security of this may be a little
suspect. We should really implement SecureRandom (and SeedGenerator) for
Java 1.0.2.
SECURITY: in the previous version, this class could in theory be exploited by
untrusted code to clobber the seed file (which can be any filename). This could
be bad for certain OS or other configuration files, possibly leading to a more
serious exploit.
This version includes a security check that the caller is allowed to write to
the seed file.
Copyright © 1995-1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.1.1.1 $
- Author:
- original author unknown, David Hopwood
-
FileRandomStream()
- Constructs a FileRandomStream with no seed file.
-
FileRandomStream(File)
- Constructs a FileRandomStream with the given seed file.
-
add(byte[])
- Add some entropy to the generator.
-
finalize()
-
-
init(File)
- (Re-)initializes the generator.
-
readSeedFile()
- Add entropy from the seed file.
-
updateSeedFile()
- Update the seed file.
FileRandomStream
public FileRandomStream() throws IOException
- Constructs a FileRandomStream with no seed file.
FileRandomStream
public FileRandomStream(File seed_file) throws IOException
- Constructs a FileRandomStream with the given seed file.
- Throws: SecurityException
- the current security manager's checkWrite
method is called with the absolute path of seed_file
(if it is non-null).
init
public synchronized void init(File seed_file) throws IOException
- (Re-)initializes the generator. This will attempt to gather
somewhat-unpredictable input from various sources, in addition to
the seed file.
seed_file may be null if no seed file is to be used.
- Throws: SecurityException
- the current security manager's checkWrite
method is called with the absolute path of seed_file
(if it is non-null).
finalize
protected void finalize()
- Overrides:
- finalize in class Object
add
public void add(byte entropy[])
- Add some entropy to the generator.
- Overrides:
- add in class CSRandomStream
readSeedFile
public synchronized void readSeedFile()
- Add entropy from the seed file.
updateSeedFile
public synchronized void updateSeedFile() throws IOException
- Update the seed file.
All Packages Class Hierarchy This Package Previous Next Index