This is my first experience with java.security.SecureRandom and I'd like someone to critique the follow code to ensure I'm doing this correctly. The code is supposed to generate a cryptographically secure random password of arbitrary length. Any input would be appreciated.
import java.util.*;
import java.security.SecureRandom;
public class PassGen{
private static final String VALID_PW_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_=+{}[]|:;<>?,./";
private static final int DEFAULT_PASSWORD_LENGTH = 12;
private static final Random RANDOM = new SecureRandom();
// main class
public static void main(String args[]) throws Exception {
// Set password length
int pwLength;
if (args.length < 1)
pwLength = DEFAULT_PASSWORD_LENGTH;
else
pwLength = Integer.parseInt(args[0]);
// generate password
String pw = "";
for (int i=0; i<pwLength; i++) {
int index = (int)(RANDOM.nextDouble()*VALID_PW_CHARS.length());
pw += VALID_PW_CHARS.substring(index, index+1);
}
System.out.println("pw = " + pw);
}
}
Aucun commentaire:
Enregistrer un commentaire