DATAKV-136 - Choose SecureRandom algorithm based on operating system and availability.

We now distinguish between operating systems when choosing a SecureRandom algorithm. Additionally we check the availability of the implementations and choose the first one available.

Original pull request: #21.
This commit is contained in:
Christoph Strobl
2016-06-13 12:44:22 +02:00
committed by Mark Paluch
parent eb1e043860
commit 522173e5c3
2 changed files with 144 additions and 15 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014 the original author or authors.
* Copyright 2014-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,11 +17,15 @@ package org.springframework.data.keyvalue.core;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import org.springframework.dao.InvalidDataAccessApiUsageException;
import org.springframework.data.util.TypeInformation;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;
/**
* Default implementation of {@link IdentifierGenerator} to generate identifiers of types {@link UUID}, String,
@@ -33,7 +37,7 @@ enum DefaultIdentifierGenerator implements IdentifierGenerator {
INSTANCE;
private static final String ALGORITHM = "NativePRNGBlocking";
private final AtomicReference<SecureRandom> secureRandom = new AtomicReference<SecureRandom>(null);
/*
* (non-Javadoc)
@@ -50,22 +54,55 @@ enum DefaultIdentifierGenerator implements IdentifierGenerator {
} else if (ClassUtils.isAssignable(String.class, type)) {
return (T) UUID.randomUUID().toString();
} else if (ClassUtils.isAssignable(Integer.class, type)) {
try {
return (T) SecureRandom.getInstance(ALGORITHM);
} catch (NoSuchAlgorithmException e) {
throw new InvalidDataAccessApiUsageException("Could not create SecureRandom instance.", e);
}
return (T) Integer.valueOf(getSecureRandom().nextInt());
} else if (ClassUtils.isAssignable(Long.class, type)) {
try {
return (T) Long.valueOf(SecureRandom.getInstance(ALGORITHM).nextLong());
} catch (NoSuchAlgorithmException e) {
throw new InvalidDataAccessApiUsageException("Could not create SecureRandom instance.", e);
}
return (T) Long.valueOf(getSecureRandom().nextLong());
}
throw new InvalidDataAccessApiUsageException("Non gereratable id type....");
}
private SecureRandom getSecureRandom() {
SecureRandom secureRandom = this.secureRandom.get();
if (secureRandom != null) {
return secureRandom;
}
for (String algorithm : OsTools.secureRandomAlgorithmNames()) {
try {
secureRandom = SecureRandom.getInstance(algorithm);
} catch (NoSuchAlgorithmException e) {
// ignore and try next.
}
}
if (secureRandom == null) {
throw new InvalidDataAccessApiUsageException(
String.format("Could not create SecureRandom instance for one of the algorithms '%s'.",
StringUtils.collectionToCommaDelimitedString(OsTools.secureRandomAlgorithmNames())));
}
this.secureRandom.compareAndSet(null, secureRandom);
return secureRandom;
}
/**
* @author Christoph Strobl
* @since 1.1.2
*/
private static class OsTools {
private static final String OPERATING_SYSTEM_NAME = System.getProperty("os.name").toLowerCase();
private static final List<String> SECURE_RANDOM_ALGORITHMS_LINUX_OSX_SOLARIS = Arrays.asList("NativePRNGBlocking",
"NativePRNGNonBlocking", "NativePRNG", "SHA1PRNG");
private static final List<String> SECURE_RANDOM_ALGORITHMS_WINDOWS = Arrays.asList("SHA1PRNG", "Windows-PRNG");
static List<String> secureRandomAlgorithmNames() {
return OPERATING_SYSTEM_NAME.indexOf("win") >= 0 ? SECURE_RANDOM_ALGORITHMS_WINDOWS
: SECURE_RANDOM_ALGORITHMS_LINUX_OSX_SOLARIS;
}
}
}

View File

@@ -0,0 +1,92 @@
/*
* Copyright 2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.data.keyvalue.core;
import static org.hamcrest.core.Is.*;
import static org.hamcrest.core.IsInstanceOf.*;
import static org.hamcrest.core.IsNull.*;
import static org.junit.Assert.*;
import java.util.Date;
import java.util.UUID;
import org.junit.Test;
import org.springframework.dao.InvalidDataAccessApiUsageException;
import org.springframework.data.util.ClassTypeInformation;
/**
* @author Christoph Strobl
*/
public class DefaultIdentifierGeneratorUnitTests {
DefaultIdentifierGenerator generator = DefaultIdentifierGenerator.INSTANCE;
/**
* @DATAKV-136
*/
@Test(expected = InvalidDataAccessApiUsageException.class)
public void shouldThrowExceptionForUnsupportedType() {
generator.generateIdentifierOfType(ClassTypeInformation.from(Date.class));
}
/**
* @DATAKV-136
*/
@Test
public void shouldGenerateUUIDValueCorrectly() {
Object value = generator.generateIdentifierOfType(ClassTypeInformation.from(UUID.class));
assertThat(value, is(notNullValue()));
assertThat(value, instanceOf(UUID.class));
}
/**
* @DATAKV-136
*/
@Test
public void shouldGenerateStringValueCorrectly() {
Object value = generator.generateIdentifierOfType(ClassTypeInformation.from(String.class));
assertThat(value, is(notNullValue()));
assertThat(value, instanceOf(String.class));
}
/**
* @DATAKV-136
*/
@Test
public void shouldGenerateLongValueCorrectly() {
Object value = generator.generateIdentifierOfType(ClassTypeInformation.from(Long.class));
assertThat(value, is(notNullValue()));
assertThat(value, instanceOf(Long.class));
}
/**
* @DATAKV-136
*/
@Test
public void shouldGenerateIntValueCorrectly() {
Object value = generator.generateIdentifierOfType(ClassTypeInformation.from(Integer.class));
assertThat(value, is(notNullValue()));
assertThat(value, instanceOf(Integer.class));
}
}