001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.wicket.core.random; 018 019import java.security.NoSuchAlgorithmException; 020import java.security.SecureRandom; 021 022import org.apache.wicket.WicketRuntimeException; 023 024/** 025 * A very simple {@link ISecureRandomSupplier} that holds a {@code SecureRandom} using 026 * {@code SHA1PRNG}. This {@code SecureRandom} is strong enough for generation of nonces with a 027 * short lifespan, but might not be strong enough for generating long-lived keys. When your 028 * application has stronger requirements on the random implementation, you should replace this class 029 * by your own implementation. 030 * 031 * @author papegaaij 032 */ 033public class DefaultSecureRandomSupplier implements ISecureRandomSupplier 034{ 035 private SecureRandom random; 036 037 public DefaultSecureRandomSupplier() 038 { 039 try 040 { 041 random = SecureRandom.getInstance("SHA1PRNG"); 042 } 043 catch (NoSuchAlgorithmException e) 044 { 045 throw new WicketRuntimeException(e); 046 } 047 } 048 049 @Override 050 public SecureRandom getRandom() 051 { 052 return random; 053 } 054}