
All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class java.security.SecureRandom


java.lang.Object
   |
   +----java.util.Random
           |
           +----java.security.SecureRandom

public class SecureRandom
extends Random

This class provides a crytpographically strong pseudo-random number generator based on the SHA-1 hash algorithm.

The calls inherited from Random will be implemented in terms of the strengthened functionality.

See Also:: Random

SecureRandom(): This empty constructor automatically seeds the generator.
SecureRandom(byte[]): This constructor uses a user-provided seed in preference to the self-seeding algorithm referred to in the empty constructor description.

getSeed(int): Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself.
next(int): Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros).
nextBytes(byte[]): Generates a user-specified number of random bytes.
setSeed(byte[]): Reseeds this random object.
setSeed(long): Reseeds this random object, using the eight bytes contained in the given long seed.

SecureRandom


 public SecureRandom()

This empty constructor automatically seeds the generator. We attempt to provide sufficient seed bytes to completely randomize the internal state of the generator (20 bytes). Note, however, that our seed generation algorithm has not been thoroughly studied or widely deployed. It relies on counting the number of times that the calling thread can yield while waiting for another thread to sleep for a specified interval.

The first time this constructor is called in a given Virtual Machine, it may take several seconds of CPU time to seed the generator, depending on the underlying hardware. Successive calls run quickly because they rely on the same (internal) pseudo-random number generator for their seed bits.

The seeding procedure implemented by this constructor ensures that the sequence of pseudo-random bytes produced by each SecureRandom instance yields no useful information about the byte-sequence produced by any other instance. If however, the user wishes to produce multiple instances with truly unrelated seeds, the following code yields the desired result (at substantial CPU cost per instance!):

SecureRandom rnd = new SecureRandom(SecureRandom.getSeed(20));

SecureRandom


 public SecureRandom(byte seed[])

This constructor uses a user-provided seed in preference to the self-seeding algorithm referred to in the empty constructor description. It may be preferable to the empty constructor if the caller has access to high-quality random bytes from some physical device (for example, a radiation detector or a noisy diode).

Parameters:: seed - the seed.

setSeed


 public synchronized void setSeed(byte seed[])

Reseeds this random object. The given seed supplements, rather than replaces, the existing seed. Thus, repeated calls are guaranteed never to reduce randomness.

Parameters:: seed - the seed.

setSeed


 public void setSeed(long seed)

Reseeds this random object, using the eight bytes contained in the given long seed. The given seed supplements, rather than replaces, the existing seed. Thus, repeated calls are guaranteed never to reduce randomness.

This method is defined for compatibility with java.util.Random.

Parameters:: seed - the seed.
Overrides:: setSeed in class Random

nextBytes


 public synchronized void nextBytes(byte bytes[])

Generates a user-specified number of random bytes. This method is used as the basis of all random entities returned by this class (except seed bytes). Thus, it may be overridden to change the behavior of the class.

Parameters:: bytes - the array to be filled in with random bytes.
Overrides:: nextBytes in class Random

next


 protected final int next(int numBits)

Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros). This method overrides a java.util.Random method, and serves to provide a source of random bits to all of the methods inherited from that class (for example, nextInt, nextLong, and nextFloat).

Parameters:: numBits - number of pseudo-random bits to be generated, where 0 <= numBits <= 32.
Overrides:: next in class Random

getSeed


 public static byte[] getSeed(int numBytes)

Returns the given number of seed bytes, computed using the seed generation algorithm that this class uses to seed itself. This call may be used to seed other random number generators. While we attempt to return a "truly random" sequence of bytes, we do not know exactly how random the bytes returned by this call are. (See the empty constructor SecureRandom for a brief description of the underlying algorithm.) The prudent user will err on the side of caution and get extra seed bytes, although it should be noted that seed generation is somewhat costly.

Parameters:: numBytes - the number of seed bytes to generate.
Returns:: the seed bytes.


All Packages  Class Hierarchy  This Package  Previous  Next  Index

Submit a bug or feature