Java Reference
In-Depth Information
Problem
You are generating random numbers for use with some secure context, such as a RSA
key.
Solution
Utilize the
SecureRandom.getInstanceStrong()
method to produce a
Se-
cureRandom
object that has been selected by using the algorithms or providers that
are specified in the
SecureRandom.strongAlgorithmsSecurity
property. In
the following example, a
SecureRandom
object is generated using the
getIn-
stanceStrong()
method. A seed is then generated from the
SecureRandom
in-
stance, which can later be used for some secure purpose.
SecureRandom strongSecure
= SecureRandom.getInstanceStrong();
byte seed[] = strongSecure.generateSeed(20);
How It Works
In certain situations, a secure random key is required. One such situation is for generat-
ing RSA public and private keys. In these situations, the
SecureRandom getIn-
stanceStrong()
method returns a
SecureRandom
object that was selected by
using the algorithms and providers specified in the
secureRan-
dom.strongAlgorithms
security policy. You can obtain the algorithms by calling
on the
Security.getAlgorithms()
method and passing the Java cryptographic
service name.
22-5. Granting Permissions for Rich In-
ternet Applications
Problem