8025694: Rename getStrongSecureRandom based on feedback

8014838: getStrongSecureRandom() should require at least one implementation

Reviewed-by: mullan, darcy

jdk/src/share/classes/java/security/SecureRandom.java

@@ -578,39 +578,30 @@ public class SecureRandom extends java.util.Random {
     /**
      * Returns a {@code SecureRandom} object that was selected by using
      * the algorithms/providers specified in the {@code
-     * securerandom.strongAlgorithms} Security property.
+     * securerandom.strongAlgorithms} {@link Security} property.
      * <p>
      * Some situations require strong random values, such as when
      * creating high-value/long-lived secrets like RSA public/private
      * keys.  To help guide applications in selecting a suitable strong
-     * {@code SecureRandom} implementation, Java distributions should
+     * {@code SecureRandom} implementation, Java distributions
      * include a list of known strong {@code SecureRandom}
      * implementations in the {@code securerandom.strongAlgorithms}
      * Security property.
-     *
+     * <p>
-     * <pre>
+     * Every implementation of the Java platform is required to
-     *     SecureRandom sr = SecureRandom.getStrongSecureRandom();
+     * support at least one strong {@code SecureRandom} implementation.
-     *
-     *     if (sr == null) {
-     *         // Decide if this is a problem, and whether to recover.
-     *         sr = new SecureRandom();
-     *         if (!goodEnough(sr)) {
-     *             return;
-     *         }
-     *     }
-     *
-     *     keyPairGenerator.initialize(2048, sr);
-     * </pre>
      *
      * @return a strong {@code SecureRandom} implementation as indicated
-     * by the {@code securerandom.strongAlgorithms} Security property, or
+     * by the {@code securerandom.strongAlgorithms} Security property
-     * null if none are available.
+     *
+     * @throws NoSuchAlgorithmException if no algorithm is available
      *
      * @see Security#getProperty(String)
      *
      * @since 1.8
      */
-    public static SecureRandom getStrongSecureRandom() {
+    public static SecureRandom getInstanceStrong()
+            throws NoSuchAlgorithmException {
 
         String property = AccessController.doPrivileged(
             new PrivilegedAction<String>() {
@@ -622,7 +613,8 @@ public class SecureRandom extends java.util.Random {
             });
 
         if ((property == null) || (property.length() == 0)) {
-            return null;
+            throw new NoSuchAlgorithmException(
+                "Null/empty securerandom.strongAlgorithms Security Property");
         }
 
         String remainder = property;
@@ -649,7 +641,8 @@ public class SecureRandom extends java.util.Random {
             }
         }
 
-        return null;
+        throw new NoSuchAlgorithmException(
+            "No strong SecureRandom impls available: " + property);
     }
 
     // Declare serialVersionUID to be compatible with JDK1.1

jdk/src/share/lib/security/java.security-windows

@@ -127,7 +127,7 @@ securerandom.source=file:/dev/random
 # This is a comma-separated list of algorithm and/or algorithm:provider
 # entries.
 #
-securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI
+securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN
 
 #
 # Class to instantiate as the javax.security.auth.login.Configuration

jdk/test/sun/security/provider/SecureRandom/StrongSecureRandom.java

@@ -120,7 +120,14 @@ public class StrongSecureRandom {
 
     private static void testStrongInstance(boolean expected) throws Exception {
 
-        boolean result = (SecureRandom.getStrongSecureRandom() != null);
+        boolean result;
+
+        try {
+            SecureRandom.getInstanceStrong();
+            result = true;
+        } catch (NoSuchAlgorithmException e) {
+            result = false;
+        }
 
         if (expected != result) {
             throw new Exception("Received: " + result);