SecureRandomProvider.java example

Explorer

grendel-master
- src
  - main
    - java
      - com
        wesabe
        grendel
        Configuration.java
        Runner.java
        auth
        BasicAuthProvider.java
        Credentials.java
        Session.java
        entities
        Document.java
        DocumentPK.java
        User.java
        dao
        DocumentDAO.java
        UserDAO.java
        modules
        SecureRandomProvider.java
        openpgp
        AbstractKey.java
        AsymmetricAlgorithm.java
        CompressionAlgorithm.java
        CryptographicException.java
        HashAlgorithm.java
        KeyFlag.java
        KeySet.java
        KeySetGenerator.java
        KeySignature.java
        MasterKey.java
        MessageReader.java
        MessageWriter.java
        PregeneratedDHParameterSpec.java
        PregeneratedDSAParameterSpec.java
        SignatureType.java
        SubKey.java
        SymmetricAlgorithm.java
        UnlockedKey.java
        UnlockedKeySet.java
        UnlockedMasterKey.java
        UnlockedSubKey.java
        representations
        CreateUserRepresentation.java
        DocumentListRepresentation.java
        LinkListRepresentation.java
        LinkedDocumentListRepresentation.java
        UpdateUserRepresentation.java
        UserInfoRepresentation.java
        UserListRepresentation.java
        Validatable.java
        ValidationException.java
        resources
        DocumentResource.java
        DocumentsResource.java
        LinkResource.java
        LinkedDocumentResource.java
        LinkedDocumentsResource.java
        LinksResource.java
        UserResource.java
        UsersResource.java
        util
        HashCode.java
        IntegerEquivalent.java
        IntegerEquivalents.java
        Iterators.java
  - test
    - java
      - com
        wesabe
        grendel
        auth
        tests
        BasicAuthProviderTest.java
        CredentialsTest.java
        SessionTest.java
        entities
        dao
        tests
        DocumentDAOTest.java
        UserDAOTest.java
        tests
        DocumentTest.java
        UserTest.java
        modules
        tests
        SecureRandomProviderTest.java
        openpgp
        tests
        AsymmetricAlgorithmTest.java
        CompressionAlgorithmTest.java
        CryptographicExceptionTest.java
        HashAlgorithmTest.java
        KeyFlagTest.java
        KeySetGeneratorTest.java
        KeySetTest.java
        KeySignatureTest.java
        MasterKeyTest.java
        MessageReaderTest.java
        MessageWriterTest.java
        PregeneratedDHParameterSpecTest.java
        PregeneratedDSAParameterSpecTest.java
        SignatureTypeTest.java
        SubKeyTest.java
        SymmetricAlgorithmTest.java
        UnlockedKeySetTest.java
        UnlockedMasterKeyTest.java
        UnlockedSubKeyTest.java
        representations
        tests
        CreateUserRepresentationTest.java
        DocumentListRepresentationTest.java
        LinkListRepresentationTest.java
        LinkedDocumentListRepresentationTest.java
        UpdateUserRepresentationTest.java
        UserInfoRepresentationTest.java
        UserListRepresentationTest.java
        ValidationExceptionTest.java
        resources
        tests
        DocumentResourceTest.java
        DocumentsResourceTest.java
        LinkResourceTest.java
        LinkedDocumentResourceTest.java
        LinkedDocumentsResourceTest.java
        LinksResourceTest.java
        UserResourceTest.java
        UsersResourceTest.java
        util
        tests
        HashCodeTest.java
        IntegerEquivalentsTest.java
        IteratorsTest.java

package com.wesabe.grendel.modules;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.google.inject.Provider;

/**
 * A Guice {@link Provider} which manages a {@link SecureRandom} instance.
 * 
 * @author coda
 */
public class SecureRandomProvider implements Provider<SecureRandom> {
	private static final int ENTROPY_UPDATE_SIZE = 64;
	
	/**
	 * A scheduled, asynchronous task which generates additional entropy and
	 * adds it to the PRNG's entropy pool.
	 */
	private static class UpdateTask implements Runnable {
		private final SecureRandom random;
		private final Logger logger;
		
		public UpdateTask(SecureRandom random, Logger logger) {
			this.random = random;
			this.logger = logger;
		}
		
		@Override
		public void run() {
			logger.info("Generating new PRNG seed");
			final byte[] seed = SecureRandom.getSeed(ENTROPY_UPDATE_SIZE);
			logger.info("Updating PRNG seed");
			random.setSeed(seed);
		}
	}
	
	private static final Logger LOGGER = LoggerFactory.getLogger(SecureRandomProvider.class);
	private static final String PRNG_ALGORITHM = "SHA1PRNG";
	private static final String PRNG_PROVIDER = "SUN";
	
	private final SecureRandom random;
	private final ScheduledExecutorService pool;
	
	public SecureRandomProvider() {
		this.pool = Executors.newSingleThreadScheduledExecutor();
		
		LOGGER.info("Creating PRNG");
		try {
			this.random = SecureRandom.getInstance(PRNG_ALGORITHM, PRNG_PROVIDER);
		} catch (GeneralSecurityException e) {
			throw new IllegalStateException(e);
		}
		LOGGER.info("Seeding PRNG");
		random.nextInt(); // force seeding
		
		// update the PRNG every hour, starting in an hour
		pool.scheduleAtFixedRate(new UpdateTask(random, LOGGER), 1, 1, TimeUnit.HOURS);
	}
	
	@Override
	public SecureRandom get() {
		return random;
	}
}