5391N/A * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * <p>This class provides a crytpographically strong pseudo-random number 0N/A * generator based on the SHA-1 hash algorithm. 0N/A * <p>Note that if a seed is not provided, we attempt to provide sufficient 0N/A * seed bytes to completely randomize the internal state of the generator 0N/A * (20 bytes). However, our seed generation algorithm has not been thoroughly 0N/A * studied or widely deployed. 0N/A * <p>Also note that when a random object is deserialized, 0N/A * <a href="#engineNextBytes(byte[])">engineNextBytes</a> invoked on the 0N/A * restored random object will yield the exact same (random) bytes as the 0N/A * original object. If this behaviour is not desired, the restored random 0N/A * object should be seeded, using 0N/A * <a href="#engineSetSeed(byte[])">engineSetSeed</a>. 0N/A * @author Benjamin Renaud 0N/A * @author Josh Bloch 0N/A * This empty constructor automatically seeds the generator. We attempt 0N/A * to provide sufficient seed bytes to completely randomize the internal 0N/A * state of the generator (20 bytes). Note, however, that our seed 0N/A * generation algorithm has not been thoroughly studied or widely deployed. 0N/A * <p>The first time this constructor is called in a given Virtual Machine, 0N/A * it may take several seconds of CPU time to seed the generator, depending 0N/A * on the underlying hardware. Successive calls run quickly because they 0N/A * rely on the same (internal) pseudo-random number generator for their 0N/A * This constructor is used to instatiate the private seeder object 0N/A * with a given seed from the SeedGenerator. 0N/A * @param seed the seed. 0N/A * This call, used by the constructors, instantiates the SHA digest 0N/A * and sets the seed, if given. 0N/A * Returns the given number of seed bytes, computed using the seed 0N/A * generation algorithm that this class uses to seed itself. This 0N/A * call may be used to seed other random number generators. While 0N/A * we attempt to return a "truly random" sequence of bytes, we do not 0N/A * know exactly how random the bytes returned by this call are. (See 0N/A * the empty constructor <a href = "#SecureRandom">SecureRandom</a> 0N/A * for a brief description of the underlying algorithm.) 0N/A * The prudent user will err on the side of caution and get extra 0N/A * seed bytes, although it should be noted that seed generation is 0N/A * @param numBytes the number of seed bytes to generate. 0N/A * @return the seed bytes. 0N/A * Reseeds this random object. The given seed supplements, rather than 0N/A * replaces, the existing seed. Thus, repeated calls are guaranteed 0N/A * never to reduce randomness. 0N/A * @param seed the seed. 0N/A // state(n + 1) = (state(n) + output(n) + 1) % 2^160; 0N/A // Result is lower 8 bits 0N/A // Store result. Check for state collision. 0N/A // High 8 bits are carry. Store for next iteration. 0N/A // Make sure at least one bit changes! 5391N/A * This static object will be seeded by SeedGenerator, and used 5391N/A * to seed future instances of SHA1PRNG SecureRandoms. 5391N/A * Bloch, Effective Java Second Edition: Item 71 5391N/A * Call to SeedGenerator.generateSeed() to add additional 5391N/A * seed material (likely from the Native implementation). 0N/A * Generates a user-specified number of random bytes. 0N/A * @param bytes the array to be filled in with random bytes. 0N/A // Use remainder from last time 0N/A // Copy the bytes, zero the buffer 0N/A // If we need more bytes, make them. 0N/A // Copy the bytes, zero the buffer 0N/A // Store remainder for next time 0N/A * readObject is called to restore the state of the random object from 0N/A * a stream. We have to create a new instance of MessageDigest, because 0N/A * it is not included in the stream (it is marked "transient"). 0N/A * Note that the engineNextBytes() method invoked on the restored random 0N/A * object will yield the exact same (random) bytes as the original. 0N/A * If you do not want this behaviour, you should re-seed the restored 0N/A * random object, using engineSetSeed().