mirror of https://github.com/hyperledger/besu
Remove classes that are not used (#278)
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>pull/282/head
Antoine Toulme
5 years ago
committed by
Danno Ferrin
parent
4b35e4f785
commit
0fdd09991d
@ -1,93 +0,0 @@ |
||||
/* |
||||
* Copyright ConsenSys AG. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with |
||||
* the License. You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on |
||||
* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the |
||||
* specific language governing permissions and limitations under the License. |
||||
* |
||||
* SPDX-License-Identifier: Apache-2.0 |
||||
*/ |
||||
package org.hyperledger.besu.crypto; |
||||
|
||||
import java.security.SecureRandom; |
||||
|
||||
import com.google.common.annotations.VisibleForTesting; |
||||
import org.bouncycastle.crypto.Digest; |
||||
import org.bouncycastle.crypto.digests.SHA256Digest; |
||||
import org.bouncycastle.crypto.prng.SP800SecureRandomBuilder; |
||||
|
||||
public class PRNGSecureRandom extends SecureRandom { |
||||
private static final int SECURITY_STRENGTH = 256; |
||||
private final SecureRandom sp800SecureRandom; |
||||
private final QuickEntropy quickEntropy; |
||||
|
||||
public PRNGSecureRandom() { |
||||
this(new QuickEntropy(), new SP800SecureRandomBuilder()); |
||||
} |
||||
|
||||
@VisibleForTesting |
||||
protected PRNGSecureRandom( |
||||
final QuickEntropy quickEntropy, final SP800SecureRandomBuilder sp800SecureRandomBuilder) { |
||||
final Digest digest = new SHA256Digest(); |
||||
final byte[] personalizationString = PersonalisationString.getPersonalizationString(); |
||||
this.quickEntropy = quickEntropy; |
||||
// prediction resistance is not required as we are applying a light reseed on each nextBytes
|
||||
// with quick entropy.
|
||||
this.sp800SecureRandom = |
||||
sp800SecureRandomBuilder |
||||
.setSecurityStrength(SECURITY_STRENGTH) |
||||
.setPersonalizationString(personalizationString) |
||||
.buildHash(digest, null, false); |
||||
} |
||||
|
||||
@Override |
||||
public String getAlgorithm() { |
||||
return sp800SecureRandom.getAlgorithm(); |
||||
} |
||||
|
||||
@Override |
||||
/* |
||||
JDK SecureRandom.setSeed method is synchronized on some JDKs, it varies between versions. |
||||
But sync at method level isn't needed as we are delegating to SP800SecureRandom and it uses a sync block. |
||||
*/ |
||||
@SuppressWarnings("UnsynchronizedOverridesSynchronized") |
||||
public void setSeed(final byte[] seed) { |
||||
sp800SecureRandom.setSeed(seed); |
||||
} |
||||
|
||||
@Override |
||||
/* |
||||
JDK SecureRandom.setSeed method is synchronized on some JDKs, it varies between versions. |
||||
But sync at method level isn't needed as we are delegating to SP800SecureRandom and it uses a sync block. |
||||
*/ |
||||
@SuppressWarnings("UnsynchronizedOverridesSynchronized") |
||||
public void setSeed(final long seed) { |
||||
// As setSeed is called by the super constructor this can be called before the sp800SecureRandom
|
||||
// field is initialised
|
||||
if (sp800SecureRandom != null) { |
||||
sp800SecureRandom.setSeed(seed); |
||||
} |
||||
} |
||||
|
||||
@Override |
||||
/* |
||||
JDK SecureRandom.nextBytes method is synchronized on some JDKs, it varies between versions. |
||||
But sync at method level isn't needed as we are delegating to SP800SecureRandom and it uses a sync block. |
||||
*/ |
||||
@SuppressWarnings("UnsynchronizedOverridesSynchronized") |
||||
public void nextBytes(final byte[] bytes) { |
||||
sp800SecureRandom.setSeed(quickEntropy.getQuickEntropy()); |
||||
sp800SecureRandom.nextBytes(bytes); |
||||
} |
||||
|
||||
@Override |
||||
public byte[] generateSeed(final int numBytes) { |
||||
sp800SecureRandom.setSeed(quickEntropy.getQuickEntropy()); |
||||
return sp800SecureRandom.generateSeed(numBytes); |
||||
} |
||||
} |
||||
@ -1,67 +0,0 @@ |
||||
/* |
||||
* Copyright ConsenSys AG. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with |
||||
* the License. You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on |
||||
* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the |
||||
* specific language governing permissions and limitations under the License. |
||||
* |
||||
* SPDX-License-Identifier: Apache-2.0 |
||||
*/ |
||||
package org.hyperledger.besu.crypto; |
||||
|
||||
import java.net.NetworkInterface; |
||||
import java.net.SocketException; |
||||
import java.nio.BufferOverflowException; |
||||
import java.nio.ByteBuffer; |
||||
import java.util.Arrays; |
||||
import java.util.Enumeration; |
||||
|
||||
import com.google.common.primitives.Bytes; |
||||
import com.google.common.primitives.Ints; |
||||
import com.google.common.primitives.Longs; |
||||
import org.apache.logging.log4j.LogManager; |
||||
import org.apache.logging.log4j.Logger; |
||||
|
||||
public class PersonalisationString { |
||||
private static final Logger LOG = LogManager.getLogger(PersonalisationString.class); |
||||
private static final byte[] NETWORK_MACS = networkHardwareAddresses(); |
||||
|
||||
public static byte[] getPersonalizationString() { |
||||
final Runtime runtime = Runtime.getRuntime(); |
||||
final byte[] threadId = Longs.toByteArray(Thread.currentThread().getId()); |
||||
final byte[] availProcessors = Ints.toByteArray(runtime.availableProcessors()); |
||||
final byte[] freeMem = Longs.toByteArray(runtime.freeMemory()); |
||||
final byte[] runtimeMem = Longs.toByteArray(runtime.maxMemory()); |
||||
return Bytes.concat(threadId, availProcessors, freeMem, runtimeMem, NETWORK_MACS); |
||||
} |
||||
|
||||
private static byte[] networkHardwareAddresses() { |
||||
final byte[] networkAddresses = new byte[256]; |
||||
final ByteBuffer buffer = ByteBuffer.wrap(networkAddresses); |
||||
try { |
||||
final Enumeration<NetworkInterface> networkInterfaces = |
||||
NetworkInterface.getNetworkInterfaces(); |
||||
if (networkInterfaces != null) { |
||||
while (networkInterfaces.hasMoreElements()) { |
||||
final NetworkInterface networkInterface = networkInterfaces.nextElement(); |
||||
final byte[] hardwareAddress = networkInterface.getHardwareAddress(); |
||||
if (hardwareAddress != null) { |
||||
buffer.put(hardwareAddress); |
||||
} |
||||
} |
||||
} |
||||
} catch (final SocketException | BufferOverflowException e) { |
||||
LOG.warn( |
||||
"Failed to obtain network hardware address for use in random number personalisation string, " |
||||
+ "continuing without this piece of random information", |
||||
e); |
||||
} |
||||
|
||||
return Arrays.copyOf(networkAddresses, buffer.position()); |
||||
} |
||||
} |
||||
@ -1,28 +0,0 @@ |
||||
/* |
||||
* Copyright ConsenSys AG. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with |
||||
* the License. You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on |
||||
* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the |
||||
* specific language governing permissions and limitations under the License. |
||||
* |
||||
* SPDX-License-Identifier: Apache-2.0 |
||||
*/ |
||||
package org.hyperledger.besu.crypto; |
||||
|
||||
import com.google.common.primitives.Bytes; |
||||
import com.google.common.primitives.Ints; |
||||
import com.google.common.primitives.Longs; |
||||
|
||||
public class QuickEntropy { |
||||
|
||||
public byte[] getQuickEntropy() { |
||||
final byte[] nanoTimeBytes = Longs.toByteArray(System.nanoTime()); |
||||
final byte[] objectHashBytes = Ints.toByteArray(new Object().hashCode()); |
||||
return Bytes.concat(nanoTimeBytes, objectHashBytes); |
||||
} |
||||
} |
||||
@ -1,66 +0,0 @@ |
||||
/* |
||||
* Copyright ConsenSys AG. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with |
||||
* the License. You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on |
||||
* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the |
||||
* specific language governing permissions and limitations under the License. |
||||
* |
||||
* SPDX-License-Identifier: Apache-2.0 |
||||
*/ |
||||
package org.hyperledger.besu.crypto; |
||||
|
||||
import static org.mockito.ArgumentMatchers.any; |
||||
import static org.mockito.ArgumentMatchers.anyBoolean; |
||||
import static org.mockito.ArgumentMatchers.anyInt; |
||||
import static org.mockito.ArgumentMatchers.eq; |
||||
import static org.mockito.Mockito.mock; |
||||
import static org.mockito.Mockito.times; |
||||
import static org.mockito.Mockito.verify; |
||||
import static org.mockito.Mockito.when; |
||||
|
||||
import org.bouncycastle.crypto.digests.SHA256Digest; |
||||
import org.bouncycastle.crypto.prng.SP800SecureRandom; |
||||
import org.bouncycastle.crypto.prng.SP800SecureRandomBuilder; |
||||
import org.junit.Test; |
||||
|
||||
public class PRNGSecureRandomTest { |
||||
|
||||
@Test |
||||
public void createsSecureRandomInitialisedToUsePRNG() { |
||||
final QuickEntropy quickEntropy = mock(QuickEntropy.class); |
||||
final SP800SecureRandomBuilder sp800Builder = mock(SP800SecureRandomBuilder.class); |
||||
|
||||
when(sp800Builder.setSecurityStrength(anyInt())).thenReturn(sp800Builder); |
||||
when(sp800Builder.setPersonalizationString(any())).thenReturn(sp800Builder); |
||||
|
||||
new PRNGSecureRandom(quickEntropy, sp800Builder); |
||||
verify(sp800Builder).buildHash(any(SHA256Digest.class), eq(null), eq(false)); |
||||
verify(sp800Builder).setSecurityStrength(256); |
||||
verify(sp800Builder).setPersonalizationString(any()); |
||||
} |
||||
|
||||
@Test |
||||
public void reseedsUsingQuickEntropyOnEachNextByteCall() { |
||||
final QuickEntropy quickEntropy = mock(QuickEntropy.class); |
||||
final SP800SecureRandomBuilder sp800Builder = mock(SP800SecureRandomBuilder.class); |
||||
final SP800SecureRandom sp800SecureRandom = mock(SP800SecureRandom.class); |
||||
|
||||
final byte[] entropy = {1, 2, 3, 4}; |
||||
when(quickEntropy.getQuickEntropy()).thenReturn(entropy); |
||||
when(sp800Builder.setSecurityStrength(anyInt())).thenReturn(sp800Builder); |
||||
when(sp800Builder.setPersonalizationString(any())).thenReturn(sp800Builder); |
||||
when(sp800Builder.buildHash(any(), any(), anyBoolean())).thenReturn(sp800SecureRandom); |
||||
|
||||
final PRNGSecureRandom prngSecureRandom = new PRNGSecureRandom(quickEntropy, sp800Builder); |
||||
final byte[] bytes = new byte[] {}; |
||||
prngSecureRandom.nextBytes(bytes); |
||||
verify(quickEntropy, times(1)).getQuickEntropy(); |
||||
verify(sp800SecureRandom).setSeed(entropy); |
||||
verify(sp800SecureRandom).nextBytes(bytes); |
||||
} |
||||
} |
||||
Loading…
Reference in new issue