DATAKV-136 - Choose SecureRandom algorithm based on operating system and availability.

We now distinguish between operating systems when choosing a SecureRandom algorithm. Additionally we check the availability of the implementations and choose the first one available.

Original pull request: #21.
This commit is contained in:
Christoph Strobl
2016-06-13 12:44:22 +02:00
committed by Mark Paluch
parent eb1e043860
commit 522173e5c3
2 changed files with 144 additions and 15 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014 the original author or authors.
* Copyright 2014-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,11 +17,15 @@ package org.springframework.data.keyvalue.core;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import org.springframework.dao.InvalidDataAccessApiUsageException;
import org.springframework.data.util.TypeInformation;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;
/**
* Default implementation of {@link IdentifierGenerator} to generate identifiers of types {@link UUID}, String,
@@ -33,7 +37,7 @@ enum DefaultIdentifierGenerator implements IdentifierGenerator {
INSTANCE;
private static final String ALGORITHM = "NativePRNGBlocking";
private final AtomicReference<SecureRandom> secureRandom = new AtomicReference<SecureRandom>(null);
/*
* (non-Javadoc)
@@ -50,22 +54,55 @@ enum DefaultIdentifierGenerator implements IdentifierGenerator {
} else if (ClassUtils.isAssignable(String.class, type)) {
return (T) UUID.randomUUID().toString();
} else if (ClassUtils.isAssignable(Integer.class, type)) {
try {
return (T) SecureRandom.getInstance(ALGORITHM);
} catch (NoSuchAlgorithmException e) {
throw new InvalidDataAccessApiUsageException("Could not create SecureRandom instance.", e);
}
return (T) Integer.valueOf(getSecureRandom().nextInt());
} else if (ClassUtils.isAssignable(Long.class, type)) {
try {
return (T) Long.valueOf(SecureRandom.getInstance(ALGORITHM).nextLong());
} catch (NoSuchAlgorithmException e) {
throw new InvalidDataAccessApiUsageException("Could not create SecureRandom instance.", e);
}
return (T) Long.valueOf(getSecureRandom().nextLong());
}
throw new InvalidDataAccessApiUsageException("Non gereratable id type....");
}
private SecureRandom getSecureRandom() {
SecureRandom secureRandom = this.secureRandom.get();
if (secureRandom != null) {
return secureRandom;
}
for (String algorithm : OsTools.secureRandomAlgorithmNames()) {
try {
secureRandom = SecureRandom.getInstance(algorithm);
} catch (NoSuchAlgorithmException e) {
// ignore and try next.
}
}
if (secureRandom == null) {
throw new InvalidDataAccessApiUsageException(
String.format("Could not create SecureRandom instance for one of the algorithms '%s'.",
StringUtils.collectionToCommaDelimitedString(OsTools.secureRandomAlgorithmNames())));
}
this.secureRandom.compareAndSet(null, secureRandom);
return secureRandom;
}
/**
* @author Christoph Strobl
* @since 1.1.2
*/
private static class OsTools {
private static final String OPERATING_SYSTEM_NAME = System.getProperty("os.name").toLowerCase();
private static final List<String> SECURE_RANDOM_ALGORITHMS_LINUX_OSX_SOLARIS = Arrays.asList("NativePRNGBlocking",
"NativePRNGNonBlocking", "NativePRNG", "SHA1PRNG");
private static final List<String> SECURE_RANDOM_ALGORITHMS_WINDOWS = Arrays.asList("SHA1PRNG", "Windows-PRNG");
static List<String> secureRandomAlgorithmNames() {
return OPERATING_SYSTEM_NAME.indexOf("win") >= 0 ? SECURE_RANDOM_ALGORITHMS_WINDOWS
: SECURE_RANDOM_ALGORITHMS_LINUX_OSX_SOLARIS;
}
}
}