Open ph4r05 opened 4 years ago
frankmorgner
commented
4 years ago Having a secure random number generator breaks your use case :scream:? I wonder what you are doing, actually :thinking:
I suggest you create a PR adding an insecure number generator...
ph4r05
commented
4 years ago Having a secure random number generator breaks your use case 😱? I wonder what you are doing, actually 🤔
I suggest you create a PR adding an insecure number generator...
I have absolutely no idea what are you talking about @frankmorgner.
Currently (master), the RandomData is statically seeded so it generates the same random data stream after each applet load.
And yes, there may be users of the JCardSim who actually rely on this original behavior as the tests may be fixed, i.e., JCardSim usage in test cases produce deterministically always the same results, which is a normal practice.
I preserve this behavior in my PR and on top of that I enable to a) specify your own seed to have a different and still deterministic random streams and b) to seed the stream securely from the SecureRandom
ph4r05
commented
4 years ago Maintainers are free to pick which PR suits them the best, either #141 breaking the backward compatibility with users using existing test cases (which is unmerged since Jan 2019) or this one with backward compatibility.
I incorporated my PR in my own fork https://github.com/ph4r05/jcardsim which I am using in my projects so basically I don't need to push my solution to the problem. It's not my fight to pick the best solution ;)
Add option to randomize RandomData seed:
com.licel.jcardsim.randomdata.seedis set, the hex-decoded value of the property is added as a seed material to the RandomData on initializationcom.licel.jcardsim.randomdata.secureis set to1, the SecureRandom is used to generate 32 random bytes that are added as a seed material to the RandomData