• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

[SECURITY][SecureRandom] Problem!

 
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi everybody!

I wrote this little program :


My problem is when the method :



is executed : nothing occurs!

I don't understand what happen!

thanks before for your help!!

@+

fabszn
 
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Perhaps I'm misunderstanding your question. SecureRandom.nextBytes(byte[]) fills the byte[] with random bytes - each call will fill it differently. So, the following code:produces the following output on my machine:Your code isn't doing anything with those bytes. What are you expecting to happen?

Grant

[Edited for typo]
[ October 19, 2005: Message edited by: G Gainey ]
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

Thank u for your answer!

In theory, I use this code for encryption of one password.

I'm sorry about my english writing...

I believe I found why my code it doesn't work.
The reason, I think, is cause of certificat.

I follow this way about certificat, I give you return if I found any solutions.

in a friendly way

Fabszn
[ October 20, 2005: Message edited by: Fabrice SZNAJDERMAN ]
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

In fact, I use this code :


I can read on the web, the problem was to be bind to the certificat.
I don't understand how it work between SecureRandom's class and certificat.

Have you got an idea?

Thank before for your help!
 
Grant Gainey
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't know what Crypto.getRandom() is doing - where is that coming from? It's not "standard" Java.

I'm also afraid that I don't understand what problem you're having at this point. It's certainly a language problem - but your English is certainly better than my anything-other-than-English, so don't feel bad!

Can you tell us a little more about what you're trying to accomplish and exactly what problem you're currently having?

Grant
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

Thank u for your answer!

Crypto.getRandom() coming from the CCM API
You can see the details here :Crypto API Doc.

In fact, I work on portal project for my company.
For this project they used Content Manager from RedHat who's name RedHatCCM.
For the needs , they decompiled the CCM's core API.

My problem is : When an user log him on the application, it get his password and login.
With that , check if the user is existing in LDAP. If the user exist, the system add the user in the RedHatCCM's Database.
For this, it must encrypt the password found in LDAP.

For encrypt the password, the system use this code :

....
byte salt[] = new byte[16];
SecureRandom sr = Crypto.getRandom();
sr.nextBytes(salt);
....

When this code is executing, the program remains blocked in the method : nextBytes(salt);

I don't know why...


Have you an idea?


Thank in advance!

Fabrice
 
Grant Gainey
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ah - you're running on Linux, I assume. I seem to recall that there's an issue with /dev/random on Linux. There's a way to point SecureRandom at /dev/urandom, I think. I don't recall what it is - but if you do some Googleing on "SecureRandom /dev/random hang" you'll likely get some good results.

SecureRandom needs a pool of entropy in order to provide truly random data. /dev/random is the device that's designed for that - but if it doesn't have enough "randomness", it blocks until it's happy. This can cause initializing SecureRandom. or reads from it, to take forever. urandom isn't as good a source, but it won't hang your app either.

Grant
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

Thanks u for your answer

Yes My application run on Linux..
I already tried to solve my problem by this way...
I changed the java.security file of my Jre.
I tried to put the parameter directly on the command line of my application.
But,with my large to desespoir, nothing occurs.

I'm working on this problem since one week...I must fill up my ideas because my ideas' bag is empty..;-)

the waste thing about my problem, there is no exception..

I don't know which way I can follow now...

Fabrice
 
Grant Gainey
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hrm. Have you tried on the RedHat forums? Also - is there a specific reason you can't just use the SecureRandom provided with the JDK? I don't see anything in the ArsDigita stuff that would break if you just used the JDK "new SecureRandom()" call (admittedly, after only a cursory skim of the AD docs...)

What version of RedHat are you using? What version of the JDK?

There are lots of people with ideas here - I'm sure we'll get your bag refilled!

Grant
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

I apologize, I forgot to tell you something.
There is two environments where running the application.

The dev environment's and the product's environment.

On the dev's env. it works fine. It on the product's env. it doesn't works.
the dev's env. it's a RedHat Linux 2.4.18-3smp and on the other env. it's Redhat linux 2.6.13.1-grsu On both server it is JDK 1.4.1 used

I agree with you,it isn't a best practice to use a different environments. But I have no choice about that.

so where is my bag of ideas....
[ October 21, 2005: Message edited by: Fabrice SZNAJDERMAN ]
 
Grant Gainey
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Different environments are ok - although I'm a little surprised that your dev-env is back-level from your production one, it's usually the other way around.

So, if you're running the same JVM on both (1.4.1? Ew. There were some significant fixes in 1.4.2; not sure if any were in this specific area), then there must be something about 2.6.2 that's causing problems. Any responses from RedHat? And I say again - any reason you have to use the Crypto.getSecureRandom, instead of just using the one built into 1.4?

Grant
 
Fabrice SZNAJDERMAN
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

Yes I'm agree with about the differents environements. I started my job in this company, in 3 october... And I discover the env. little by little.

I look for the Redhat Forum's and I've no answer at this time.

About Crypto.getRandom, It's like that was implemented in RedHatCCM core.
I tried ti use new SecureRandom() and it's the same result.
I decompiled Crypto class: you can see the code of getRandom() method :


public static SecureRandom getRandom()
throws GeneralSecurityException
{
if(s_random == null)
s_random = SecureRandom.getInstance(RANDOM_ALGO);
return s_random;
}

I must leave now... but I do search this week end..
Thank you very much for help... Hope to see you on monday!
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic