This chapter covers changes related to security in Java 9.
SHA-3 Hash Algorithms
Java 9 adds four SHA-3 ( https://en.wikipedia.org/wiki/SHA-3 ) hash algorithms to generate message digest: SHA3-224, SHA3-256, SHA3-384, and SHA3-512. Listing 13-1 shows an example of how to use the algorithm SHA3-224 to generate a message digest.
Listing 13-1. Using SHA-3 to Generate Message Digest
import org.apache.commons.codec.binary.Hex;public class SHA3 {public static void main(final String[] args) throws NoSuchAlgorithmException {final MessageDigest instance = MessageDigest.getInstance("SHA3-224");final byte[] digest = instance.digest("".getBytes());System.out.println(Hex.encodeHexString(digest));}}
SecureRandom
The class java.security.SecureRandom is responsible for generating cryptographically strong random numbers. Java has several built-in algorithms to generate random numbers. Java 9 adds the new deterministic random bit generator (DRBG) algorithm. Because DRBG requires extra parameters to configure, the existing API is also updated to support it.
The new marker interface SecureRandomParameters represents parameters used in different SecureRandom methods. Currently only DRBG-related parameters implement this interface. SecureRandomSpi adds a new constructor that takes SecureRandomParameters as the parameter. The new method void engineNextBytes(byte[] bytes, SecureRandomParameters params) can use the SecureRandomParameters to generate random bytes. If the SecureRandom supports reseeding, the method void engineReseed(SecureRandomParameters params) should be overridden to reseed. The last new method SecureRandomParameters engineGetParameters() returns the effective SecureRandomParameters used by the engine.
To use the SecureRandomParameters interface, SecureRandom has three new overloads of the static method getInstance() to add to the extra SecureRandomParameters parameter. The method nextBytes() also has a new overload with the SecureRandomParameters parameter. Since DRBG supports reseeding, new methods void reseed() and void reseed(SecureRandomParameters params) can reseed this SecureRandom with input from its source. The last new method SecureRandomParameters getParameters() returns the effective SecureRandomParameters for this SecureRandom instance.
The DRBG algorithm has three implementations of SecureRandomParameters to be used in different stages; see Table 13-1.
Table 13-1. SecureRandomParameters Implementations
Implementation | Description | Method to Use |
|---|---|---|
DrbgParameters.Instantiation | Instantiation | getInstance |
DrbgParameters.NextBytes | Random bits generation | nextBytes |
DrbgParameters.Reseed | Reseed | reseed |
DrbgParameters has static methods for creating instances of these three types of parameters. When creating a new DrbgParameters.Instantiation, you can specify the minimal capability requirement for DRBG with the enum DrbgParameters.Capability; see Table 13-2. DRBG capabilities include whether it’s reseedable and supports prediction resistance. Because a DRBG implementation that supports prediction resistance must also support reseeding, there are only three options.
Table 13-2. DrbgParameters.Capability Values
Value | Description |
|---|---|
NONE | Neither reseedable nor prediction resistant |
RESEED_ONLY | Reseedable only |
PR_AND_RESEED | Both reseedable and prediction resistant |
The created DRBG SecureRandom instances may have more capabilities than requested. Once a SecureRandom instance is created, you can get the effective SecureRandomParameters using the method getParameters() and then check the actual capabilities.
Listing 13-2 shows an example of using the DRBG algorithm to generate random numbers.
Listing 13-2. Example of Using the DRBG Algorithm
public class DRBGRandom {public static void main(final String[] args) throws NoSuchAlgorithmException {final DrbgParameters.Instantiation instantiation =DrbgParameters.instantiation(256,Capability.PR_AND_RESEED,"HelloWorld".getBytes());final SecureRandom secureRandom = SecureRandom.getInstance("DRBG", instantiation);final DrbgParameters.NextBytes nextBytes =DrbgParameters.nextBytes(-1, true, "Hello".getBytes());final byte[] result = new byte[32];secureRandom.nextBytes(result, nextBytes);System.out.println(Hex.encodeHexString(result));final DrbgParameters.Reseed reseed = DrbgParameters.reseed(true, null);secureRandom.reseed(reseed);secureRandom.nextBytes(result, nextBytes);System.out.println(Hex.encodeHexString(result));}}
As a result of implementing DRBG, hash algorithms SHA-512/224 and SHA-512/256 and related HmacSHA512/224 and HmacSHA512/256 have also been added.
Using PKCS12 as the Default Keystore
JDK has used its prop rietary keystore format, JKS, since JDK 1.2. The JKS keystore can only store private keys and trusted public-key certificates. PKCS12 ( https://en.wikipedia.org/wiki/PKCS_12 ) is a widely supported format for storing keys. In Java 9, the default keystore type changes from JKS to PKCS12. Existing keystores are not changed and applications can still run without changes.
Summary
In this chapter, we discussed the new SHA-3 hash algorithm, the DRBG SecureRandom algorithm, and using the PKCS12 keystore. In the next chapter, we’ll discuss changes related to the user interface in Java 9.