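import java.security.SecureRandom;

// Fill a 128-byte buffer from a cryptographically strong generator
byte[] randomBytes = new byte[128];
SecureRandom random = new SecureRandom();
random.nextBytes(randomBytes);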
It is also good practice to specify the exact random number generator and provider for
better portability.
Applicability
Insufficiently secure random numbers enable attackers to gain specific information about
the context in which they are used.
Insecure random numbers are useful in some contexts that do not require security.
These are addressed in the exceptions to “MSC02-J. Generate strong random numbers”
[Long 2012].
Bibliography
[API 2013] SecureRandom
[Sethi 2009] Proper Use of Java's SecureRandom
[Long 2012] MSC02-J. Generate strong random numbers
15. Do not rely on methods that can be overridden by untrusted code
Untrusted code can misuse APIs provided by trusted code to override methods such as
Object.equals(), Object.hashCode(), and Thread.run(). These methods are valuable
targets because they are commonly used behind the scenes and may interact with
components in a way that is not easily discernible.
By providing overridden implementations, an attacker can use untrusted code to glean
sensitive information, run arbitrary code, or launch a denial of service attack.
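The effect of an overridden hashCode() and equals() on a map lookup, shown beside an identity-based lookup that ignores both methods. This is an added example, not code from the book; the names Tier, ForgedTier, PREMIUM, lookupByEquals and lookupByIdentity and the stored string are hypothetical, and ForgedTier stands in for a subclass supplied by untrusted code.

```java
import java.util.HashMap;
import java.util.IdentityHashMap;
import java.util.Map;

public class OverridableKeyDemo {
    // Hypothetical non-final key type: untrusted code can subclass it.
    static class Tier {
        private final int id;
        Tier(int id) { this.id = id; }
        @Override public int hashCode() { return 31 * id; }
        @Override public boolean equals(Object o) {
            return o instanceof Tier && ((Tier) o).id == id;
        }
    }

    // Stand-in for an untrusted subclass that copies another key's hash and
    // answers true to every equals() call.
    static class ForgedTier extends Tier {
        ForgedTier() { super(-1); }
        @Override public int hashCode() { return 31 * 1; }
        @Override public boolean equals(Object o) { return true; }
    }

    static final Tier PREMIUM = new Tier(1);   // constructed sample data

    // Weak: HashMap.get() calls the caller-supplied key's hashCode()/equals().
    static String lookupByEquals(Object key) {
        Map<Object, String> m = new HashMap<>();
        m.put(PREMIUM, "premium-entitlement");
        return m.get(key);
    }

    // Hardened: IdentityHashMap compares references (==) and uses
    // System.identityHashCode(), so overridden methods are never consulted.
    static String lookupByIdentity(Object key) {
        Map<Object, String> m = new IdentityHashMap<>();
        m.put(PREMIUM, "premium-entitlement");
        return m.get(key);
    }

    public static void main(String[] args) {
        Tier forged = new ForgedTier();
        System.out.println("HashMap, forged key:          " + lookupByEquals(forged));
        System.out.println("IdentityHashMap, forged key:  " + lookupByIdentity(forged));
        System.out.println("IdentityHashMap, trusted key: " + lookupByIdentity(PREMIUM));
    }
}
```

The HashMap lookup returns the stored entry for the forged key, while the IdentityHashMap lookup returns it only for the trusted PREMIUM reference. Declaring the key class final and using it as the map's key type closes the same gap where identity comparison is not acceptable.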
Noncompliant Code Example (hashCode)
This noncompliant code example shows a LicenseManager class that maintains a
licenseMap. The map stores a LicenseType and license value pair.