diff --git a/jdk/src/share/classes/java/security/SecureRandom.java b/jdk/src/share/classes/java/security/SecureRandom.java
index 5afec7b0797..b9ae7220b38 100644
--- a/jdk/src/share/classes/java/security/SecureRandom.java
+++ b/jdk/src/share/classes/java/security/SecureRandom.java
@@ -578,39 +578,30 @@ public class SecureRandom extends java.util.Random {
/**
* Returns a {@code SecureRandom} object that was selected by using
* the algorithms/providers specified in the {@code
- * securerandom.strongAlgorithms} Security property.
+ * securerandom.strongAlgorithms} {@link Security} property.
*
* Some situations require strong random values, such as when
* creating high-value/long-lived secrets like RSA public/private
* keys. To help guide applications in selecting a suitable strong
- * {@code SecureRandom} implementation, Java distributions should
+ * {@code SecureRandom} implementation, Java distributions
* include a list of known strong {@code SecureRandom}
* implementations in the {@code securerandom.strongAlgorithms}
* Security property.
- *
- *
- * SecureRandom sr = SecureRandom.getStrongSecureRandom();
- *
- * if (sr == null) {
- * // Decide if this is a problem, and whether to recover.
- * sr = new SecureRandom();
- * if (!goodEnough(sr)) {
- * return;
- * }
- * }
- *
- * keyPairGenerator.initialize(2048, sr);
- *
+ *
+ * Every implementation of the Java platform is required to
+ * support at least one strong {@code SecureRandom} implementation.
*
* @return a strong {@code SecureRandom} implementation as indicated
- * by the {@code securerandom.strongAlgorithms} Security property, or
- * null if none are available.
+ * by the {@code securerandom.strongAlgorithms} Security property
+ *
+ * @throws NoSuchAlgorithmException if no algorithm is available
*
* @see Security#getProperty(String)
*
* @since 1.8
*/
- public static SecureRandom getStrongSecureRandom() {
+ public static SecureRandom getInstanceStrong()
+ throws NoSuchAlgorithmException {
String property = AccessController.doPrivileged(
new PrivilegedAction() {
@@ -622,7 +613,8 @@ public class SecureRandom extends java.util.Random {
});
if ((property == null) || (property.length() == 0)) {
- return null;
+ throw new NoSuchAlgorithmException(
+ "Null/empty securerandom.strongAlgorithms Security Property");
}
String remainder = property;
@@ -649,7 +641,8 @@ public class SecureRandom extends java.util.Random {
}
}
- return null;
+ throw new NoSuchAlgorithmException(
+ "No strong SecureRandom impls available: " + property);
}
// Declare serialVersionUID to be compatible with JDK1.1
diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows
index cca53ae3961..1c371f022df 100644
--- a/jdk/src/share/lib/security/java.security-windows
+++ b/jdk/src/share/lib/security/java.security-windows
@@ -127,7 +127,7 @@ securerandom.source=file:/dev/random
# This is a comma-separated list of algorithm and/or algorithm:provider
# entries.
#
-securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI
+securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN
#
# Class to instantiate as the javax.security.auth.login.Configuration
diff --git a/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java b/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java
index 5050d1fccd4..2a45522cad8 100644
--- a/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java
+++ b/jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java
@@ -120,7 +120,14 @@ public class StrongSecureRandom {
private static void testStrongInstance(boolean expected) throws Exception {
- boolean result = (SecureRandom.getStrongSecureRandom() != null);
+ boolean result;
+
+ try {
+ SecureRandom.getInstanceStrong();
+ result = true;
+ } catch (NoSuchAlgorithmException e) {
+ result = false;
+ }
if (expected != result) {
throw new Exception("Received: " + result);