Package com.netflix.spinnaker.kork.crypto

Class SecureRandomBuilder

java.lang.Object

com.netflix.spinnaker.kork.crypto.SecureRandomBuilder

public class SecureRandomBuilder
extends Object

Builder class for creating a SecureRandom instance using a deterministic random bit generator (DRBG).

See Also:

• NIST Special Publication 800-90A Revision 1 (Recommendation for Random Number Generation Using Deterministic Random Bit Generators)
• DrbgParameters

Constructor Summary

Constructors

Constructor	Description
SecureRandomBuilder()

Method Summary

Modifier and Type	Method	Description
SecureRandom	build()	Creates a random generator using the settings from this builder.
static SecureRandomBuilder	create()	Creates a new builder for SecureRandom instances.
SecureRandomBuilder	withAlgorithm(String algorithm)	Overrides the algorithm name to use.
SecureRandomBuilder	withPersonalizationString(byte[] personalizationString)	Specifies a personalization string to use during instantiation of the random generator.
SecureRandomBuilder	withPersonalizationString(String personalizationString)	Specifies a personalization string which is converted to UTF-8.
SecureRandomBuilder	withPredictionResistance()	Enables support for prediction resistance (and by extension, reseeding).
SecureRandomBuilder	withProvider(String provider)	Specifies a particular security provider name to use.
SecureRandomBuilder	withProvider(Provider provider)	Specifies a particular security provider to use.
SecureRandomBuilder	withReseedSupport()	Enables support for SecureRandom.reseed() and SecureRandom.reseed(SecureRandomParameters).
SecureRandomBuilder	withStrength(int bitStrength)	Specifies the required security strength in bits for the built random generator.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecureRandomBuilder

public SecureRandomBuilder()

Method Details

withAlgorithm

public SecureRandomBuilder withAlgorithm(String algorithm)

Overrides the algorithm name to use. By default, this is DRBG.

withProvider

public SecureRandomBuilder withProvider(String provider)

Specifies a particular security provider name to use.

withProvider

public SecureRandomBuilder withProvider(Provider provider)

Specifies a particular security provider to use.

withStrength

public SecureRandomBuilder withStrength(int bitStrength)

Specifies the required security strength in bits for the built random generator. If set to -1 or otherwise left unspecified, then the default strength will be used depending on the system configuration. The default Sun provider uses a strength of 128.

See Also:

• DrbgParameters

withReseedSupport

public SecureRandomBuilder withReseedSupport()

Enables support for SecureRandom.reseed() and SecureRandom.reseed(SecureRandomParameters). Long-running use of a random generator may periodically desire reseeding from an underlying entropy source. The default Sun provider supports reseeding.

See Also:

• DrbgParameters

withPredictionResistance

public SecureRandomBuilder withPredictionResistance()

Enables support for prediction resistance (and by extension, reseeding). The default Sun provider supports prediction resistance.

See Also:

• DrbgParameters

withPersonalizationString

public SecureRandomBuilder withPersonalizationString(byte[] personalizationString)

Specifies a personalization string to use during instantiation of the random generator. A personalization string is useful for separating different uses of random generators.

See Also:

• DrbgParameters

withPersonalizationString

public SecureRandomBuilder withPersonalizationString(String personalizationString)

Specifies a personalization string which is converted to UTF-8.

See Also:

• withPersonalizationString(byte[])

build

public SecureRandom build()

Creates a random generator using the settings from this builder.

create

public static SecureRandomBuilder create()

Creates a new builder for SecureRandom instances.