[kaffe] patch w/ security implications for SecureRandom

jrandom auto97841 at hushmail.com
Mon Oct 27 11:06:02 PST 2003


Hola,

I've been running into some messy stuff with the kaffe SecureRandom and
finally looked into what was up - there was a missing shift in the next(int
numbits) function.  Demo program & trivial patch below.  I know kaffe's
SecureRandom isn't really a strong PRNG (is anyone working on a Yarrow
for kaffe?), but any app using it at the moment is, well, in need of
the patch below :)

hth,
-jrandom

Simple demo of the bug:
------------
import java.security.SecureRandom;
import java.util.Random;

public class Test {
        public static void main(String args[]) {
                test(new SecureRandom(), 10);
                test(new Random(), 10);
        }

        private static void test(Random r, int numIter) {
                System.out.println("Testing " + r.getClass().getName());
                // Print each 64-bit value in decimal and binary so missing bits are visible
                for (int i = 0; i < numIter; i++) {
                        long l = r.nextLong();
                        System.out.println(i + " [" + l + "] (" + Long.toBinaryString(l) + ") ");
                }
                System.out.println("Done testing " + r.getClass().getName());
        }
}
-----------
Sample output before the patch on my kaffe box:
Testing java.security.SecureRandom
0 [485331304609] (111000100000000000000000000000010100001)
1 [850403524785] (1100011000000000000000000000000010110001)
2 [919123001347] (1101011000000000000000000000000000000011)
3 [206158430230] (11000000000000000000000000000000010110)
4 [837518622739] (1100001100000000000000000000000000010011)
5 [240518168774] (11100000000000000000000000000011000110)
6 [506806140953] (111011000000000000000000000000000011001)
7 [403726925898] (101111000000000000000000000000001001010)
8 [884763263106] (1100111000000000000000000000000010000010)
9 [408021893246] (101111100000000000000000000000001111110)
Done testing java.security.SecureRandom
Testing java.util.Random
0 [7781075220929149332] (110101111111011111011101011000000000010000100110111100110010100)
1 [-317457789747590082] (1111101110011000001010011101001001111010111010100000110000111110)
2 [-3814930664803988178] (1100101100001110101001001100010111010001100111010000110100101110)
3 [1007193745524635274] (110111111010010001010110000000001101111111011011011010001010)
4 [5083814200251274789] (100011010001101010101100001010001110110000100000101011000100101)
5 [5854697486221474743] (101000101000000000100000101100000011101100110100111101110110111)
6 [-5360587802442579051] (1011010110011011010111011100101110011000000111100100001110010101)
7 [-3127346571602884347] (1101010010011001011011101101110011001110000100110000100100000101)
8 [7616175186000864155] (110100110110010000101101111101010111100101110011110001110011011)
9 [-2093415537414060723] (1110001011110010101100011010100011111101001001101100010101001101)
Done testing java.util.Random



Index: libraries/javalib/java/security/SecureRandom.java
===================================================================
RCS file: /cvs/kaffe/kaffe/libraries/javalib/java/security/SecureRandom.java,
v
retrieving revision 1.4
diff -c -r1.4 SecureRandom.java
*** libraries/javalib/java/security/SecureRandom.java   20 Feb 2003 13:52:09
-0000      1.4
--- libraries/javalib/java/security/SecureRandom.java   27 Oct 2003 18:34:21
-0000
***************
*** 83,89 ****
        nextBytes(res);
        for( lpc = res.length - 1; lpc >= 0; lpc-- )
        {
!               retval |= (res[res.length - lpc - 1] << (8 * lpc)) &
0xFF;
        }
        return retval >> (res.length * 8 - numBits);

--- 83,89 ----
        nextBytes(res);
        for( lpc = res.length - 1; lpc >= 0; lpc-- )
        {
!               retval |= (res[res.length - lpc - 1] << (8 * lpc)) &
(0xFF << (8 * lpc));
        }
        return retval >> (res.length * 8 - numBits);
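Review bot: the unchanged last line of the hunk, `return retval >> (res.length * 8 - numBits);`, uses the sign-propagating `>>`, and that starts to matter once this change populates the upper byte lanes. Assuming retval is an int (its declaration is outside the hunk), a negative res[0] in a four-byte res sets the sign bit, so for numBits below 32 the shift fills the high bits with ones instead of zeros; `>>>` would keep the result within numBits bits. As a style point on the changed line, masking before the shift, `(res[res.length - lpc - 1] & 0xFF) << (8 * lpc)`, gives the same value without building a second shifted mask.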





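Added example (not part of the original message and not kaffe's source): the two versions of the assignment from the patch, run over the same bytes, to show that the pre-patch mask keeps only the last byte of each 32-bit draw. The class name, method names, seed and sample bytes are constructed for illustration.

```java
import java.util.HashSet;
import java.util.Random;
import java.util.Set;

// Added illustration, not kaffe source; class and method names are hypothetical.
public class MaskDemo {
    // Byte assembly as on the "before" side of the patch: mask applied after the shift,
    // so every byte except the one shifted by 0 is masked away.
    static int assembleBefore(byte[] res) {
        int retval = 0;
        for (int lpc = res.length - 1; lpc >= 0; lpc--) {
            retval |= (res[res.length - lpc - 1] << (8 * lpc)) & 0xFF;
        }
        return retval;
    }

    // Byte assembly as on the "after" side: the mask is shifted to the byte's own lane.
    static int assembleAfter(byte[] res) {
        int retval = 0;
        for (int lpc = res.length - 1; lpc >= 0; lpc--) {
            retval |= (res[res.length - lpc - 1] << (8 * lpc)) & (0xFF << (8 * lpc));
        }
        return retval;
    }

    public static void main(String[] args) {
        // Constructed sample bytes standing in for what nextBytes(res) would fill in.
        byte[] sample = { 0x12, 0x34, 0x56, 0x78 };
        System.out.printf("before: 0x%08x%n", assembleBefore(sample));
        System.out.printf("after:  0x%08x%n", assembleAfter(sample));

        // Count distinct 32-bit results over many constructed inputs. The fixed seed
        // makes the run repeatable; java.util.Random is only the byte source here.
        Random src = new Random(42);
        Set<Integer> before = new HashSet<>();
        Set<Integer> after = new HashSet<>();
        byte[] res = new byte[4];
        for (int i = 0; i < 100_000; i++) {
            src.nextBytes(res);
            before.add(assembleBefore(res));
            after.add(assembleAfter(res));
        }
        System.out.println("distinct before: " + before.size() + " (at most 256 possible)");
        System.out.println("distinct after:  " + after.size());
    }
}
```

Because the pre-patch expression can only return values in the range 0 to 255, each 32-bit draw carries at most 8 bits from the underlying byte source, which matches the two short runs of set bits in the SecureRandom output shown in the message.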