changeset 16484:798214298782

8141039: Test Task: Develop new tests for JEP 273: DRBG-Based SecureRandom Implementations Reviewed-by: weijun
author ssahoo
date Thu, 19 May 2016 04:20:08 -0700
parents 75472c0614d5
children 7af9466123ed
files test/java/security/SecureRandom/ApiTest.java test/java/security/SecureRandom/EnoughSeedTest.java test/java/security/SecureRandom/GetAlgorithm.java test/java/security/SecureRandom/GetInstanceTest.java test/java/security/SecureRandom/MultiThreadTest.java test/java/security/SecureRandom/SerializedSeedTest.java test/sun/security/provider/SecureRandom/StrongSecureRandom.java test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java
diffstat 8 files changed, 1297 insertions(+), 61 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SecureRandom/ApiTest.java	Thu May 19 04:20:08 2016 -0700
@@ -0,0 +1,365 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8141039
+ * @library /lib/testlibrary
+ * @summary This test do API coverage for SecureRandom. It covers most of
+ *          supported operations along with possible positive and negative
+ *          parameters for DRBG mechanism.
+ * @run main ApiTest Hash_DRBG
+ * @run main ApiTest HMAC_DRBG
+ * @run main ApiTest CTR_DRBG
+ * @run main ApiTest SHA1PRNG
+ * @run main ApiTest NATIVE
+ */
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.security.SecureRandomParameters;
+import java.security.DrbgParameters;
+import java.security.DrbgParameters.Instantiation;
+import java.security.DrbgParameters.Capability;
+import javax.crypto.Cipher;
+
+public class ApiTest {
+
+    private static final boolean SHOULD_PASS = true;
+    private static final long SEED = 1l;
+    private static final String INVALID_ALGO = "INVALID";
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
+
+    public static void main(String[] args) throws Exception {
+
+        if (args == null || args.length < 1) {
+            throw new RuntimeException("No mechanism available to run test.");
+        }
+        String mech
+                = "NATIVE".equals(args[0]) ? supportedNativeAlgo() : args[0];
+        String[] algs = null;
+        boolean success = true;
+
+        try {
+            if (!isDRBG(mech)) {
+                SecureRandom random = SecureRandom.getInstance(mech);
+                verifyAPI(random, mech);
+                return;
+            } else if (mech.equals("CTR_DRBG")) {
+                algs = new String[]{"AES-128", "AES-192", "AES-256",
+                    INVALID_ALGO};
+            } else if (mech.equals("Hash_DRBG") || mech.equals("HMAC_DRBG")) {
+                algs = new String[]{"SHA-224", "SHA-256", "SHA-512/224",
+                    "SHA-512/256", "SHA-384", "SHA-512", INVALID_ALGO};
+            } else {
+                throw new RuntimeException(
+                        String.format("Not a valid mechanism '%s'", mech));
+            }
+            runForEachMech(mech, algs);
+        } catch (Exception e) {
+            e.printStackTrace(System.out);
+            success = false;
+        }
+
+        if (!success) {
+            throw new RuntimeException("At least one test failed.");
+        }
+    }
+
+    /**
+     * Run the test for a DRBG mechanism with a possible set of parameter
+     * combination.
+     * @param mech DRBG mechanism name
+     * @param algs Algorithm supported by each mechanism
+     * @throws Exception
+     */
+    private static void runForEachMech(String mech, String[] algs)
+            throws Exception {
+        for (String alg : algs) {
+            runForEachAlg(mech, alg);
+        }
+    }
+
+    private static void runForEachAlg(String mech, String alg)
+            throws Exception {
+        for (int strength : new int[]{Integer.MIN_VALUE, -1, 0, 1, 223, 224,
+            192, 255, 256}) {
+            for (Capability cp : Capability.values()) {
+                for (byte[] pr : new byte[][]{null, new byte[]{},
+                    "personal".getBytes()}) {
+                    SecureRandomParameters param
+                            = DrbgParameters.instantiation(strength, cp, pr);
+                    runForEachParam(mech, alg, param);
+                }
+            }
+        }
+    }
+
+    private static void runForEachParam(String mech, String alg,
+            SecureRandomParameters param) throws Exception {
+
+        for (boolean df : new Boolean[]{true, false}) {
+            try {
+                Security.setProperty(DRBG_CONFIG, mech + "," + alg + ","
+                        + (df ? "use_df" : "no_df"));
+                System.out.printf("%nParameter for SecureRandom "
+                        + "mechanism: %s is (param:%s, algo:%s, df:%s)",
+                        mech, param, alg, df);
+                SecureRandom sr = SecureRandom.getInstance("DRBG", param);
+                verifyAPI(sr, mech);
+            } catch (NoSuchAlgorithmException e) {
+                // Verify exception status for current test.
+                checkException(getDefaultAlg(mech, alg), param, e);
+            } finally {
+                Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+            }
+        }
+    }
+
+    /**
+     * Returns the algorithm supported for input mechanism.
+     * @param mech Mechanism name
+     * @param alg Algorithm name
+     * @return Algorithm name
+     */
+    private static String getDefaultAlg(String mech, String alg)
+            throws NoSuchAlgorithmException {
+        if (alg == null) {
+            switch (mech) {
+                case "Hash_DRBG":
+                case "HMAC_DRBG":
+                    return "SHA-256";
+                case "CTR_DRBG":
+                    return (Cipher.getMaxAllowedKeyLength("AES") < 256)
+                            ? "AES-128" : "AES-256";
+                default:
+                    throw new RuntimeException("Mechanism not supported");
+            }
+        }
+        return alg;
+    }
+
+    /**
+     * Verify the exception type either it is expected to occur or not.
+     * @param alg Algorithm name
+     * @param param DRBG parameter
+     * @param e Exception to verify
+     * @throws NoSuchAlgorithmException
+     */
+    private static void checkException(String alg, SecureRandomParameters param,
+            NoSuchAlgorithmException e) throws NoSuchAlgorithmException {
+
+        int strength = ((Instantiation) param).getStrength();
+        boolean error = true;
+        switch (alg) {
+            case INVALID_ALGO:
+                error = false;
+                break;
+            case "SHA-224":
+            case "SHA-512/224":
+                if (strength > 192) {
+                    error = false;
+                }
+                break;
+            case "SHA-256":
+            case "SHA-512/256":
+            case "SHA-384":
+            case "SHA-512":
+                if (strength > 256) {
+                    error = false;
+                }
+                break;
+            case "AES-128":
+            case "AES-192":
+            case "AES-256":
+                int algoStrength = Integer.parseInt(alg.replaceAll("AES-", ""));
+                int maxStrengthSupported = Cipher.getMaxAllowedKeyLength("AES");
+                if (strength > maxStrengthSupported
+                        || algoStrength > maxStrengthSupported) {
+                    error = false;
+                }
+                break;
+        }
+        if (error) {
+            throw new RuntimeException("Unknown :", e);
+        }
+    }
+
+    /**
+     * Find if the mechanism is a DRBG mechanism.
+     * @param mech Mechanism name
+     * @return True for DRBG mechanism else False
+     */
+    private static boolean isDRBG(String mech) {
+        return mech.contains("_DRBG");
+    }
+
+    /**
+     * Find the name of supported native mechanism name for current platform.
+     */
+    private static String supportedNativeAlgo() {
+        String nativeSr = "Windows-PRNG";
+        try {
+            SecureRandom.getInstance(nativeSr);
+        } catch (NoSuchAlgorithmException e) {
+            nativeSr = "NativePRNG";
+        }
+        return nativeSr;
+    }
+
+    /**
+     * Test a possible set of SecureRandom API for a SecureRandom instance.
+     * @param random SecureRandom instance
+     * @param mech Mechanism used to create SecureRandom instance
+     */
+    private static void verifyAPI(SecureRandom random, String mech)
+            throws Exception {
+
+        System.out.printf("%nTest SecureRandom mechanism: %s for provider: %s",
+                mech, random.getProvider().getName());
+        byte[] output = new byte[2];
+
+        // Generate random number.
+        random.nextBytes(output);
+
+        // Seed the SecureRandom with a generated seed value of lesser size.
+        byte[] seed = random.generateSeed(1);
+        random.setSeed(seed);
+        random.nextBytes(output);
+
+        // Seed the SecureRandom with a fixed seed value.
+        random.setSeed(SEED);
+        random.nextBytes(output);
+
+        // Seed the SecureRandom with a larger seed value.
+        seed = random.generateSeed(128);
+        random.setSeed(seed);
+        random.nextBytes(output);
+
+        // Additional operation only supported for DRBG based SecureRandom.
+        // Execute the code block and expect to pass for DRBG. If it will fail
+        // then it should fail with specified exception type. Else the case
+        // will be considered as a test case failure.
+        matchExc(() -> {
+            random.reseed();
+            random.nextBytes(output);
+        },
+                isDRBG(mech),
+                UnsupportedOperationException.class,
+                String.format("PASS - Unsupported reseed() method for "
+                        + "SecureRandom Algorithm %s ", mech));
+
+        matchExc(() -> {
+            random.reseed(DrbgParameters.reseed(false, new byte[]{}));
+            random.nextBytes(output);
+        },
+                isDRBG(mech),
+                UnsupportedOperationException.class,
+                String.format("PASS - Unsupported reseed(param) method for "
+                        + "SecureRandom Algorithm %s ", mech));
+
+        matchExc(() -> {
+            random.reseed(DrbgParameters.reseed(true, new byte[]{}));
+            random.nextBytes(output);
+        },
+                isDRBG(mech),
+                !isSupportPR(mech, random) ? IllegalArgumentException.class
+                        : UnsupportedOperationException.class,
+                String.format("PASS - Unsupported or illegal reseed(param) "
+                        + "method for SecureRandom Algorithm %s ", mech));
+
+        matchExc(() -> random.nextBytes(output,
+                DrbgParameters.nextBytes(-1, false, new byte[]{})),
+                isDRBG(mech),
+                UnsupportedOperationException.class,
+                String.format("PASS - Unsupported nextBytes(out, nextByteParam)"
+                        + " method for SecureRandom Algorithm %s ", mech));
+
+        matchExc(() -> random.nextBytes(output,
+                DrbgParameters.nextBytes(-1, true, new byte[]{})),
+                isDRBG(mech),
+                !isSupportPR(mech, random) ? IllegalArgumentException.class
+                        : UnsupportedOperationException.class,
+                String.format("PASS - Unsupported or illegal "
+                        + "nextBytes(out, nextByteParam) method for "
+                        + "SecureRandom Algorithm %s ", mech));
+
+        matchExc(() -> {
+            random.reseed(null);
+            random.nextBytes(output);
+        },
+                !SHOULD_PASS,
+                IllegalArgumentException.class,
+                "PASS - Test is expected to fail when parameter for reseed() "
+                + "is null");
+
+        matchExc(() -> random.nextBytes(output, null),
+                !SHOULD_PASS,
+                IllegalArgumentException.class,
+                "PASS - Test is expected to fail when parameter for nextBytes()"
+                + " is null");
+
+    }
+
+    private static boolean isSupportPR(String mech, SecureRandom random) {
+        return (isDRBG(mech) && ((Instantiation) random.getParameters())
+                .getCapability()
+                .supportsPredictionResistance());
+    }
+
+    private interface RunnableCode {
+
+        void run() throws Exception;
+    }
+
+    /**
+     * Execute a given code block and verify, if the exception type is expected.
+     * @param r Code block to run
+     * @param ex Expected exception type
+     * @param shouldPass If the code execution expected to pass without failure
+     * @param msg Message to log in case of expected failure
+     */
+    private static void matchExc(RunnableCode r, boolean shouldPass, Class ex,
+            String msg) {
+        try {
+            r.run();
+            if (!shouldPass) {
+                throw new RuntimeException("Excecution should fail here.");
+            }
+        } catch (Exception e) {
+            System.out.printf("%nOccured exception: %s - Expected exception: "
+                    + "%s : ", e.getClass(), ex.getCanonicalName());
+            if (ex.isAssignableFrom(e.getClass())) {
+                System.out.printf("%n%s : Expected Exception occured: %s : ",
+                        e.getClass(), msg);
+            } else if (shouldPass) {
+                throw new RuntimeException(e);
+            } else {
+                System.out.printf("Ignore the following exception: %s%n",
+                        e.getMessage());
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SecureRandom/EnoughSeedTest.java	Thu May 19 04:20:08 2016 -0700
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8141039
+ * @library /lib/testlibrary
+ * @summary Check SecureRandom generate expected seed counts what the caller
+ *          asked for.
+ * @run main EnoughSeedTest
+ */
+import java.security.SecureRandom;
+import java.security.Security;
+import static java.lang.Math.*;
+
+public class EnoughSeedTest {
+
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
+
+    public static void main(String[] args) {
+
+        boolean success = true;
+        for (String mech : new String[]{
+            "SHA1PRNG", "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
+            System.out.printf("%nTest for SecureRandom algorithm: '%s'", mech);
+            try {
+                SecureRandom sr = null;
+                if (!mech.contains("_DRBG")) {
+                    sr = SecureRandom.getInstance(mech);
+                } else {
+                    Security.setProperty(DRBG_CONFIG, mech);
+                    sr = SecureRandom.getInstance("DRBG");
+                }
+
+                success &= forEachSeedBytes(sr);
+                System.out.printf("%nCompleted test for SecureRandom "
+                        + "mechanism: '%s'", mech);
+            } catch (Exception e) {
+                success &= false;
+                e.printStackTrace(System.out);
+            } finally {
+                Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+            }
+        }
+        if (!success) {
+            throw new RuntimeException("At least one test failed.");
+        }
+    }
+
+    /**
+     * Generates fixed number of seed bytes through a SecureRandom instance
+     * to verify it's seed generation status.
+     * @param sr SecureRandom instance
+     * @return The test success indicator
+     */
+    private static boolean forEachSeedBytes(SecureRandom sr) {
+        boolean success = true;
+        sr.setSeed(1l);
+        for (int seedByte : new int[]{Integer.MIN_VALUE, -1, 0, 1, 256, 1024,
+            Short.MAX_VALUE, (int) pow(2, 20)}) {
+            try {
+                byte[] seed = sr.generateSeed(seedByte);
+                if (seed.length != seedByte) {
+                    throw new RuntimeException("Not able to produce expected "
+                            + "seed size.");
+                }
+            } catch (IllegalArgumentException e) {
+                if (seedByte >= 0) {
+                    throw new RuntimeException("Unknown Exception occured.", e);
+                }
+                System.out.printf("%nPASS - Exception expected when required "
+                        + "seed size requested is negative: %s", seedByte);
+            }
+        }
+        return success;
+    }
+
+}
--- a/test/java/security/SecureRandom/GetAlgorithm.java	Thu May 19 11:13:52 2016 +0200
+++ b/test/java/security/SecureRandom/GetAlgorithm.java	Thu May 19 04:20:08 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,49 +23,54 @@
 
 /**
  * @test
- * @bug 4915392
+ * @bug 4915392 8141039
  * @summary test that the getAlgorithm() method works correctly
  * @author Andreas Sterbenz
+ * @run main GetAlgorithm
  */
-
 import java.io.*;
-
 import java.security.*;
+import java.util.Arrays;
+import java.util.List;
 
 public class GetAlgorithm {
 
-    private final static String BASE = System.getProperty("test.src", ".");
+    private static final String BASE = System.getProperty("test.src", ".");
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
 
     public static void main(String[] args) throws Exception {
-        SecureRandom sr;
-
-        sr = new SecureRandom();
+        SecureRandom sr = new SecureRandom();
         if (sr.getAlgorithm().equals("unknown")) {
             throw new Exception("Unknown: " + sr.getAlgorithm());
         }
 
-        sr = SecureRandom.getInstance("SHA1PRNG");
-        check("SHA1PRNG", sr);
+        for (String mech : new String[]{supportedNativeAlgo(), "SHA1PRNG",
+            "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
+            if (!mech.contains("_DRBG")) {
+                check(mech, SecureRandom.getInstance(mech));
+            } else {
+                try {
+                    Security.setProperty(DRBG_CONFIG, mech);
+                    check("DRBG", SecureRandom.getInstance("DRBG"));
+                } finally {
+                    Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+                }
+            }
+        }
+        check("unknown", new MySecureRandom());
 
-//      OutputStream out = new FileOutputStream("sha1prng.bin");
-//      ObjectOutputStream oout = new ObjectOutputStream(out);
-//      sr.nextInt();
-//      oout.writeObject(sr);
-//      oout.flush();
-//      oout.close();
-
-        sr = new MySecureRandom();
-        check("unknown", sr);
-
-        InputStream in = new FileInputStream(new File(BASE, "sha1prng-old.bin"));
+        InputStream in = new FileInputStream(
+                new File(BASE, "sha1prng-old.bin"));
         ObjectInputStream oin = new ObjectInputStream(in);
-        sr = (SecureRandom)oin.readObject();
+        sr = (SecureRandom) oin.readObject();
         oin.close();
         check("unknown", sr);
 
         in = new FileInputStream(new File(BASE, "sha1prng-new.bin"));
         oin = new ObjectInputStream(in);
-        sr = (SecureRandom)oin.readObject();
+        sr = (SecureRandom) oin.readObject();
         oin.close();
         check("SHA1PRNG", sr);
 
@@ -83,4 +88,17 @@
 
     }
 
+    /**
+     * Find the name of supported native mechanism name for current platform.
+     */
+    private static String supportedNativeAlgo() {
+        String nativeSr = "Windows-PRNG";
+        try {
+            SecureRandom.getInstance(nativeSr);
+        } catch (NoSuchAlgorithmException e) {
+            nativeSr = "NativePRNG";
+        }
+        return nativeSr;
+    }
+
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SecureRandom/GetInstanceTest.java	Thu May 19 04:20:08 2016 -0700
@@ -0,0 +1,312 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8141039
+ * @library /lib/testlibrary
+ * @summary SecureRandom supports multiple getInstance method including
+ *          getInstanceStrong() method. This test verifies a set of possible
+ *          cases for getInstance with different SecureRandom mechanism
+ *          supported in Java.
+ * @run main GetInstanceTest
+ */
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.SecureRandomParameters;
+import java.security.DrbgParameters;
+
+import static java.security.DrbgParameters.Capability.*;
+
+import java.security.Security;
+import java.util.Arrays;
+
+import jdk.testlibrary.Asserts;
+
+public class GetInstanceTest {
+
+    private static final boolean PASS = true;
+    private static final String INVALID_ALGO = "INVALID";
+    private static final String SUN_PROVIDER = "SUN";
+    private static final String INVALID_PROVIDER = "INVALID";
+    private static final String STRONG_ALG_SEC_PROP
+            = "securerandom.strongAlgorithms";
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
+
+    public static void main(String[] args) throws Exception {
+
+        boolean success = true;
+        // Only accepted failure is NoSuchAlgorithmException.
+        // For any other failure the test case will fail here.
+        SecureRandom sr = matchExc(() -> SecureRandom.getInstanceStrong(),
+                PASS, NoSuchAlgorithmException.class,
+                "PASS - Undefined security Property "
+                + "'securerandom.strongAlgorithms'");
+        System.out.format("Current platform supports mechanism: '%s' through "
+                + "provider: '%s' for the method getInstanceStrong().",
+                sr.getAlgorithm(), sr.getProvider().getName());
+
+        // DRBG name should appear with "securerandom.strongAlgorithms"
+        // security property.
+        String origDRBGConfig = Security.getProperty(STRONG_ALG_SEC_PROP);
+        if (!origDRBGConfig.contains("DRBG")) {
+            throw new RuntimeException("DRBG is not associated with default "
+                    + "strong algorithm through security Property: "
+                    + "'securerandom.strongAlgorithms'.");
+        }
+        Security.setProperty(STRONG_ALG_SEC_PROP, "DRBG:SUN");
+        sr = matchExc(() -> SecureRandom.getInstanceStrong(),
+                PASS, NoSuchAlgorithmException.class,
+                "PASS - Undefined security Property "
+                + "'securerandom.strongAlgorithms'");
+        checkAttributes(sr, "DRBG");
+        Security.setProperty(STRONG_ALG_SEC_PROP, origDRBGConfig);
+
+        for (String mech : new String[]{
+            "SHA1PRNG", "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG", INVALID_ALGO,}) {
+            System.out.printf("%nTest SecureRandom mechanism: '%s'", mech);
+            try {
+                if (isDRBG(mech)) {
+                    Security.setProperty(DRBG_CONFIG, mech);
+                }
+                verifyInstance(mech);
+            } catch (Exception e) {
+                e.printStackTrace(System.out);
+                success = false;
+            } finally {
+                Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+            }
+        }
+        if (!success) {
+            throw new RuntimeException("At least one test failed.");
+        }
+    }
+
+    private static void verifyInstance(String mech) throws Exception {
+
+        String srAlgo = isDRBG(mech) ? "DRBG" : mech;
+
+        // Test for getInstance(algorithm) method.
+        // It should pass for all case other than invalid algorithm name.
+        // If it fails then the expected exception type should be
+        // NoSuchAlgorithmException. Any other Exception type occured will be
+        // treated as failure.
+        checkAttributes(
+                matchExc(() -> SecureRandom.getInstance(srAlgo), !(nsa(mech)),
+                        NoSuchAlgorithmException.class,
+                        String.format("PASS - It is expected to fail for"
+                                + " getInstance(algorithm) when algorithm: '%s'"
+                                + " is null or invalid.", mech)), mech);
+        // Test for getInstance(algorithm, provider) method.
+        checkAttributes(
+                matchExc(() -> SecureRandom.getInstance(srAlgo,
+                                Security.getProvider(SUN_PROVIDER)),
+                        !(nsa(mech)),
+                        NoSuchAlgorithmException.class,
+                        String.format("PASS - It is expected to fail for"
+                                + " getInstance(algorithm, provider) when"
+                                + " algorithm:'%s' is null or invalid.", mech)),
+                mech);
+        // Test for getInstance(algorithm, providerName) method.
+        checkAttributes(
+                matchExc(() -> SecureRandom.getInstance(srAlgo, SUN_PROVIDER),
+                        !(nsa(mech)), NoSuchAlgorithmException.class,
+                        String.format("PASS - It is expected to fail for "
+                                + "getInstance(algorithm, providerName) when "
+                                + "algorithm: '%s' is null or invalid.", mech)),
+                mech);
+        // Test for getInstance(algorithm, providerName) method.
+        checkAttributes(
+                matchExc(() -> SecureRandom.getInstance(
+                                srAlgo, INVALID_PROVIDER),
+                        !PASS, NoSuchProviderException.class,
+                        String.format("PASS - It is expected to fail for "
+                                + "getInstance(algorithm, providerName) when "
+                                + "provider name: '%s' is invalid and "
+                                + "algorithm: '%s'", INVALID_PROVIDER, mech)),
+                mech);
+
+        // Run the test for a set of SecureRandomParameters
+        for (SecureRandomParameters param : Arrays.asList(null,
+                DrbgParameters.instantiation(-1, NONE, null))) {
+
+            System.out.printf("%nRunning DRBG param getInstance() methods "
+                    + "for algorithm: %s and DRBG param type: %s", mech,
+                    (param != null) ? param.getClass().getName() : param);
+
+            // Following Test are applicable for new DRBG methods only.
+            // Test for getInstance(algorithm, params) method.
+            // Tests are expected to pass for DRBG type with valid parameter
+            // If it fails the expected exception type is derived from
+            // getExcType(mech, param) method. If exception type is not
+            // expected then the test will be considered as failure.
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(srAlgo, param),
+                            (isDRBG(mech)) && (isValidDRBGParam(param)),
+                            getExcType(mech, param),
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params) "
+                                    + "for algorithm: %s and parameter: %s",
+                                    mech, param)),
+                    mech);
+            // Test for getInstance(algorithm, params, provider) method.
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(srAlgo, param,
+                                    Security.getProvider(SUN_PROVIDER)),
+                            (isDRBG(mech)) && (isValidDRBGParam(param)),
+                            getExcType(mech, param),
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params, "
+                                    + "provider) for algorithm: %s and "
+                                    + "parameter: %s", mech, param)),
+                    mech);
+            // Test for getInstance(algorithm, params, providerName) method.
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(srAlgo, param,
+                                    SUN_PROVIDER),
+                            (isDRBG(mech)) && (isValidDRBGParam(param)),
+                            getExcType(mech, param),
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params, "
+                                    + "providerName) for algorithm: %s and "
+                                    + "parameter: %s", mech, param)), mech);
+            // getInstance(algorithm, params, providerName) when
+            // providerName is invalid
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(srAlgo, param,
+                                    INVALID_PROVIDER),
+                            !PASS, ((param == null)
+                                    ? IllegalArgumentException.class
+                                    : NoSuchProviderException.class),
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params, "
+                                    + "providerName) when param is null or"
+                                    + " provider: %s is invalid for "
+                                    + "algorithm: '%s'", INVALID_PROVIDER,
+                                    mech)), mech);
+            // getInstance(algorithm, params, provider) when provider=null
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(srAlgo, param,
+                                    (String) null),
+                            !PASS, IllegalArgumentException.class,
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params, "
+                                    + "providerName) when provider name "
+                                    + "is null")), mech);
+            // getInstance(algorithm, params, providerName) when
+            // providerName is empty.
+            checkAttributes(
+                    matchExc(() -> SecureRandom.getInstance(
+                                    srAlgo, param, ""),
+                            !PASS, IllegalArgumentException.class,
+                            String.format("PASS - It is expected to fail "
+                                    + "for getInstance(algorithm, params, "
+                                    + "providerName) when provider name "
+                                    + "is empty")), mech);
+        }
+    }
+
+    private static boolean isValidDRBGParam(SecureRandomParameters param) {
+        return (param instanceof DrbgParameters.Instantiation);
+    }
+
+    /**
+     * If the mechanism should occur NoSuchAlgorithmException.
+     */
+    private static boolean nsa(String mech) {
+        return mech.equals(INVALID_ALGO);
+    }
+
+    /**
+     * Verify if the mechanism is DRBG type.
+     * @param mech Mechanism name
+     * @return True if the mechanism name is DRBG type else False.
+     */
+    private static boolean isDRBG(String mech) {
+        return mech.contains("_DRBG");
+    }
+
+    /**
+     * Type of exception expected for a SecureRandom instance when exception
+     * occurred while calling getInstance method with a fixed set of parameter.
+     * @param mech Mechanism used to create a SecureRandom instance
+     * @param param Parameter to getInstance() method
+     * @return Exception type expected
+     */
+    private static Class getExcType(String mech, SecureRandomParameters param) {
+        return ((isDRBG(mech) && !isValidDRBGParam(param)) || param == null)
+                ? IllegalArgumentException.class
+                : NoSuchAlgorithmException.class;
+    }
+
+    private interface RunnableCode {
+
+        SecureRandom run() throws Exception;
+    }
+
+    /**
+     * Execute a given code block and verify, if the exception type is expected.
+     * @param r Code block to run
+     * @param ex Expected exception type
+     * @param shouldPass If the code execution expected to pass without failure
+     * @param msg Message to log in case of expected failure
+     */
+    private static SecureRandom matchExc(RunnableCode r, boolean shouldPass,
+            Class ex, String msg) {
+        SecureRandom sr = null;
+        try {
+            sr = r.run();
+            if (!shouldPass) {
+                throw new RuntimeException("Excecution should fail here.");
+            }
+        } catch (Exception e) {
+            System.out.printf("%nOccured exception: %s - Expected exception: %s"
+                    + " : ", e.getClass(), ex.getCanonicalName());
+            if (ex.isAssignableFrom(e.getClass())) {
+                System.out.printf("%n%s : Expected Exception: %s : ",
+                        e.getClass(), msg);
+            } else if (shouldPass) {
+                throw new RuntimeException(e);
+            } else {
+                System.out.printf("%nIgnore the following exception: %s%n",
+                        e.getMessage());
+            }
+        }
+        return sr;
+    }
+
+    /**
+     * Check specific attributes of a SecureRandom instance.
+     */
+    private static void checkAttributes(SecureRandom sr, String mech) {
+        if (sr == null) {
+            return;
+        }
+        Asserts.assertEquals(sr.getAlgorithm(), (isDRBG(mech) ? "DRBG" : mech));
+        Asserts.assertEquals(sr.getProvider().getName(), SUN_PROVIDER);
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SecureRandom/MultiThreadTest.java	Thu May 19 04:20:08 2016 -0700
@@ -0,0 +1,182 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.math.BigInteger;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.util.concurrent.Callable;
+import java.util.concurrent.CompletionService;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorCompletionService;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ThreadFactory;
+import static java.lang.Math.*;
+
+/*
+ * @test
+ * @bug 8141039
+ * @library /lib/testlibrary
+ * @summary Test behavior of a shared SecureRandom object when it is operated
+ *          by multiple threads concurrently.
+ * @run main MultiThreadTest
+ */
+public class MultiThreadTest {
+
+    private static final byte[] GEN_RND_BYTES = {1};
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
+
+    private enum SEED {
+
+        NONE, RESEED, SETSEED
+    }
+
+    public static void main(String[] args) {
+
+        boolean success = true;
+        for (int byteLen : GEN_RND_BYTES) {
+            for (SEED reSeed : SEED.values()) {
+                for (String mech : new String[]{
+                    "SHA1PRNG", "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
+                    try {
+                        forEachMech(mech, byteLen, reSeed);
+                    } catch (Exception e) {
+                        success = false;
+                        e.printStackTrace(System.out);
+                    } finally {
+                        Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+                    }
+                }
+            }
+        }
+
+        if (!success) {
+            throw new RuntimeException("At least one test failed.");
+        }
+    }
+
+    /**
+     * Generate a number of threads to fetch random numbers of certain bits
+     * generated through a shared SecureRandom instance.
+     * @param mech Mechanism name
+     * @param byteLen Number of bytes of random number to produce
+     * @param reSeed Call reseed() before generating random numbers
+     * @throws NoSuchAlgorithmException
+     * @throws InterruptedException
+     * @throws ExecutionException
+     */
+    private static void forEachMech(String mech, int byteLen, SEED reSeed)
+            throws NoSuchAlgorithmException, InterruptedException,
+            ExecutionException {
+
+        if ("SHA1PRNG".equals(mech) && SEED.RESEED.equals(reSeed)) {
+            System.out.printf(
+                    "%nreseed() api is not supported for '%s'", mech);
+            return;
+        }
+        System.out.printf("%nTest SecureRandom mechanism: '%s' with support of"
+                + " reseed: '%s'", mech, reSeed);
+        int threadCount = (int) pow(2, 8 * byteLen);
+        System.out.printf("%nCreating %s number of threads to generate secure "
+                + "random numbers concurrently.", threadCount);
+
+        ExecutorService executor
+                = Executors.newCachedThreadPool(new ThreadFactory() {
+                    @Override
+                    public Thread newThread(Runnable r) {
+                        Thread t = Executors.defaultThreadFactory()
+                        .newThread(r);
+                        t.setDaemon(true);
+                        return t;
+                    }
+                });
+        CompletionService<Integer> completionService
+                = new ExecutorCompletionService<Integer>(executor);
+
+        CountDownLatch latch = new CountDownLatch(1);
+        SecureRandom rnd = null;
+        if (!mech.contains("_DRBG")) {
+            rnd = SecureRandom.getInstance(mech);
+        } else {
+            Security.setProperty(DRBG_CONFIG, mech);
+            rnd = SecureRandom.getInstance("DRBG");
+        }
+        try {
+            for (int i = 0; i < threadCount; i++) {
+                completionService.submit(new Task(rnd, latch, byteLen, reSeed));
+            }
+            latch.countDown();
+
+            for (int i = 0; i < threadCount; i++) {
+                completionService.take();
+            }
+        } finally {
+            executor.shutdown();
+        }
+        System.out.printf("%nCompleted Test for algorithm '%s' with thread "
+                + "counts to '%s' using reseeding '%s'",
+                mech, threadCount, reSeed);
+
+    }
+
+    /**
+     * Define a Task to be executed by multiple thread to produce random numbers
+     * from a shared SecureRandom instance.
+     */
+    private static class Task implements Callable<Integer> {
+
+        private final SecureRandom random;
+        private final CountDownLatch latch;
+        private final SEED reSeed;
+        private final int byteSize;
+
+        public Task(SecureRandom random, CountDownLatch latch, int byteSize,
+                SEED reSeed) {
+            this.random = random;
+            this.latch = latch;
+            this.byteSize = byteSize;
+            this.reSeed = reSeed;
+        }
+
+        @Override
+        public Integer call() throws Exception {
+            latch.await();
+            switch (this.reSeed) {
+                case RESEED:
+                    this.random.reseed();
+                    break;
+                case SETSEED:
+                    this.random.setSeed(1l);
+                    break;
+            }
+            byte[] bytes = new byte[byteSize];
+            random.nextBytes(bytes);
+            return new BigInteger(bytes).intValue();
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SecureRandom/SerializedSeedTest.java	Thu May 19 04:20:08 2016 -0700
@@ -0,0 +1,214 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8141039
+ * @library /lib/testlibrary
+ * @summary When random number is generated through the a SecureRandom instance
+ *          as well from it's serialized instance in the same time then the
+ *          generated random numbers should be different when one or both are
+ *          reseeded.
+ * @run main SerializedSeedTest
+ */
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.ByteArrayInputStream;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.Security;
+import jdk.testlibrary.Asserts;
+
+public class SerializedSeedTest {
+
+    private static final byte[] SEED = "seed".getBytes();
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
+
+    public static void main(String[] args) {
+        boolean success = true;
+
+        for (String mech : new String[]{
+            "SHA1PRNG", "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
+            System.out.printf(
+                    "%nRunning test for SecureRandom mechanism: '%s'", mech);
+            try {
+                // Serialize without seed and compare generated random numbers
+                // produced through original and serialized instances.
+                SecureRandom orig = getSRInstance(mech);
+                SecureRandom copy = deserializedCopy(orig);
+                System.out.printf("%nSerialize without seed. Generated random"
+                        + " numbers should be different.");
+                check(orig, copy, false, mech);
+
+                // Serialize after default seed and compare generated random
+                // numbers produced through original and serialized instances.
+                orig = getSRInstance(mech);
+                orig.nextInt(); // Default seeded
+                copy = deserializedCopy(orig);
+                System.out.printf("%nSerialize after default seed. Generated"
+                        + " random numbers should be same till 20-bytes.");
+                check(orig, copy, !isDRBG(mech), mech);
+
+                // Serialize after explicit seed and compare generated random
+                // numbers produced through original and serialized instances.
+                orig = getSRInstance(mech);
+                orig.setSeed(SEED); // Explicitly seeded
+                copy = deserializedCopy(orig);
+                System.out.printf("%nSerialize after explicit seed. Generated "
+                        + "random numbers should be same till 20-bytes.");
+                check(orig, copy, !isDRBG(mech), mech);
+
+                // Serialize without seed but original is explicitly seeded
+                // before generating any random number. Then compare generated
+                // random numbers produced through original and serialized
+                // instances.
+                orig = getSRInstance(mech);
+                copy = deserializedCopy(orig);
+                orig.setSeed(SEED); // Explicitly seeded
+                System.out.printf("%nSerialize without seed. When original is "
+                        + "explicitly seeded before generating random numbers,"
+                        + " Generated random numbers should be different.");
+                check(orig, copy, false, mech);
+
+                // Serialize after default seed but original is explicitly
+                // seeded before generating any random number. Then compare
+                // generated random numbers produced through original and
+                // serialized instances.
+                orig = getSRInstance(mech);
+                orig.nextInt(); // Default seeded
+                copy = deserializedCopy(orig);
+                orig.setSeed(SEED); // Explicitly seeded
+                System.out.printf("%nSerialize after default seed but original "
+                        + "is explicitly seeded before generating random number"
+                        + ". Generated random numbers should be different.");
+                check(orig, copy, false, mech);
+
+                // Serialize after explicit seed but original is explicitly
+                // seeded again before generating random number. Then compare
+                // generated random numbers produced through original and
+                // serialized instances.
+                orig = getSRInstance(mech);
+                orig.setSeed(SEED); // Explicitly seeded
+                copy = deserializedCopy(orig);
+                orig.setSeed(SEED); // Explicitly seeded
+                System.out.printf("%nSerialize after explicit seed but "
+                        + "original is explicitly seeded again before "
+                        + "generating random number. Generated random "
+                        + "numbers should be different.");
+                check(orig, copy, false, mech);
+
+            } catch (Exception e) {
+                e.printStackTrace(System.out);
+                success = false;
+            } finally {
+                Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
+            }
+            System.out.printf("%n------Completed Test for %s------", mech);
+        }
+
+        if (!success) {
+            throw new RuntimeException("At least one test failed.");
+        }
+    }
+
+    /**
+     * Find if the mechanism is a DRBG mechanism.
+     * @param mech Mechanism name
+     * @return True for DRBG mechanism else False
+     */
+    private static boolean isDRBG(String mech) {
+        return mech.contains("_DRBG");
+    }
+
+    /**
+     * Verify the similarity of random numbers generated though both original
+     * as well as deserialized instance.
+     */
+    private static void check(SecureRandom orig, SecureRandom copy,
+            boolean equal, String mech) {
+        int o = orig.nextInt();
+        int c = copy.nextInt();
+        System.out.printf("%nRandom number generated for mechanism: '%s' "
+                + "from original instance as: '%s' and from serialized "
+                + "instance as: '%s'", mech, o, c);
+        if (equal) {
+            Asserts.assertEquals(o, c, mech);
+        } else {
+            Asserts.assertNotEquals(o, c, mech);
+        }
+    }
+
+    /**
+     * Get a copy of SecureRandom instance through deserialization.
+     * @param orig Original SecureRandom instance
+     * @return Deserialized SecureRandom instance
+     * @throws IOException
+     * @throws ClassNotFoundException
+     */
+    private static SecureRandom deserializedCopy(SecureRandom orig)
+            throws IOException, ClassNotFoundException {
+        return deserialize(serialize(orig));
+    }
+
+    /**
+     * Deserialize the SecureRandom object.
+     */
+    private static SecureRandom deserialize(byte[] serialized)
+            throws IOException, ClassNotFoundException {
+        SecureRandom sr = null;
+        try (ByteArrayInputStream bis = new ByteArrayInputStream(serialized);
+                ObjectInputStream ois = new ObjectInputStream(bis)) {
+            sr = (SecureRandom) ois.readObject();
+        }
+        return sr;
+    }
+
+    /**
+     * Serialize the given SecureRandom object.
+     */
+    private static byte[] serialize(SecureRandom sr) throws IOException {
+        try (ByteArrayOutputStream bos = new ByteArrayOutputStream();
+                ObjectOutputStream oos = new ObjectOutputStream(bos)) {
+            oos.writeObject(sr);
+            return bos.toByteArray();
+        }
+    }
+
+    /**
+     * Create a SecureRandom instance for a given mechanism.
+     */
+    private static SecureRandom getSRInstance(String mech)
+            throws NoSuchAlgorithmException {
+        if (!isDRBG(mech)) {
+            return SecureRandom.getInstance(mech);
+        } else {
+            Security.setProperty(DRBG_CONFIG, mech);
+            return SecureRandom.getInstance("DRBG");
+        }
+    }
+
+}
--- a/test/sun/security/provider/SecureRandom/StrongSecureRandom.java	Thu May 19 11:13:52 2016 +0200
+++ b/test/sun/security/provider/SecureRandom/StrongSecureRandom.java	Thu May 19 04:20:08 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,11 +21,11 @@
  * questions.
  */
 
-/**
+/*
  * @test
- * @bug 6425477
+ * @bug 6425477 8141039
  * @summary Better support for generation of high entropy random numbers
- * @run main/othervm StrongSecureRandom
+ * @run main StrongSecureRandom
  */
 import java.security.*;
 import java.util.*;
@@ -35,7 +35,10 @@
  */
 public class StrongSecureRandom {
 
-    private static String os = System.getProperty("os.name", "unknown");
+    private static final String os = System.getProperty("os.name", "unknown");
+    private static final String DRBG_CONFIG = "securerandom.drbg.config";
+    private static final String DRBG_CONFIG_VALUE
+            = Security.getProperty(DRBG_CONFIG);
 
     private static void testDefaultEgd() throws Exception {
         // No SecurityManager installed.
@@ -47,31 +50,53 @@
         }
     }
 
-    private static void testSHA1PRNGImpl() throws Exception {
-        SecureRandom sr;
+    /**
+     * Verify if the mechanism is DRBG type.
+     * @param mech Mechanism name
+     * @return True if the mechanism name is DRBG type else False.
+     */
+    private static boolean isDRBG(String mech) {
+        return mech.contains("_DRBG");
+    }
+
+    private static void testSecureRandomImpl(String algo, boolean drbg)
+            throws Exception {
+
         byte[] ba;
+        final String secureRandomSource
+                = Security.getProperty("securerandom.source");
+        try {
+            String urandom = "file:/dev/urandom";
 
-        String urandom = "file:/dev/urandom";
+            System.out.println("Testing new SeedGenerator and EGD");
 
-        System.out.println("Testing new SeedGenerator and EGD");
+            Security.setProperty("securerandom.source", urandom);
+            if (!Security.getProperty("securerandom.source").equals(urandom)) {
+                throw new Exception("Couldn't set securerandom.source");
+            }
 
-        Security.setProperty("securerandom.source", urandom);
-        if (!Security.getProperty("securerandom.source").equals(urandom)) {
-            throw new Exception("Couldn't set securerandom.source");
+            /*
+             * Take out a large number of bytes in hopes of blocking.
+             * Don't expect this to happen, unless something is broken on Linux
+             */
+            SecureRandom sr = null;
+            if (drbg) {
+                Security.setProperty(DRBG_CONFIG, algo);
+                sr = SecureRandom.getInstance("DRBG");
+            } else {
+                sr = SecureRandom.getInstance(algo);
+            }
+            if (!sr.getAlgorithm().equals(isDRBG(algo) ? "DRBG" : algo)) {
+                throw new Exception("sr.getAlgorithm(): " + sr.getAlgorithm());
+            }
+
+            ba = sr.generateSeed(4096);
+            sr.nextBytes(ba);
+            sr.setSeed(ba);
+        } finally {
+            Security.setProperty("securerandom.source", secureRandomSource);
+            Security.setProperty(DRBG_CONFIG, DRBG_CONFIG_VALUE);
         }
-
-        /*
-         * Take out a large number of bytes in hopes of blocking.
-         * Don't expect this to happen, unless something is broken on Linux
-         */
-        sr = SecureRandom.getInstance("SHA1PRNG");
-        if (!sr.getAlgorithm().equals("SHA1PRNG")) {
-            throw new Exception("sr.getAlgorithm(): " + sr.getAlgorithm());
-        }
-
-        ba = sr.generateSeed(4096);
-        sr.nextBytes(ba);
-        sr.setSeed(ba);
     }
 
     private static void testNativePRNGImpls() throws Exception {
@@ -85,7 +110,7 @@
             return;
         }
 
-        System.out.println("    Testing regular");
+        System.out.println("Testing regular");
         sr = SecureRandom.getInstance("NativePRNG");
         if (!sr.getAlgorithm().equals("NativePRNG")) {
             throw new Exception("sr.getAlgorithm(): " + sr.getAlgorithm());
@@ -94,7 +119,7 @@
         sr.nextBytes(ba);
         sr.setSeed(ba);
 
-        System.out.println("    Testing NonBlocking");
+        System.out.println("Testing NonBlocking");
         sr = SecureRandom.getInstance("NativePRNGNonBlocking");
         if (!sr.getAlgorithm().equals("NativePRNGNonBlocking")) {
             throw new Exception("sr.getAlgorithm(): " + sr.getAlgorithm());
@@ -108,7 +133,7 @@
             return;
         }
 
-        System.out.println("    Testing Blocking");
+        System.out.println("Testing Blocking");
         sr = SecureRandom.getInstance("NativePRNGBlocking");
         if (!sr.getAlgorithm().equals("NativePRNGBlocking")) {
             throw new Exception("sr.getAlgorithm(): " + sr.getAlgorithm());
@@ -141,9 +166,15 @@
             throws Exception {
 
         System.out.println("Testing: '" + property + "' " + expected);
-
-        Security.setProperty("securerandom.strongAlgorithms", property);
-        testStrongInstance(expected);
+        final String origStrongAlgoProp
+                = Security.getProperty("securerandom.strongAlgorithms");
+        try {
+            Security.setProperty("securerandom.strongAlgorithms", property);
+            testStrongInstance(expected);
+        } finally {
+            Security.setProperty(
+                    "securerandom.strongAlgorithms", origStrongAlgoProp);
+        }
     }
 
     private static void testProperties() throws Exception {
@@ -228,7 +259,10 @@
 
     public static void main(String args[]) throws Exception {
         testDefaultEgd();
-        testSHA1PRNGImpl();
+        for (String algo : new String[]{
+            "SHA1PRNG", "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) {
+            testSecureRandomImpl(algo, isDRBG(algo));
+        }
         testNativePRNGImpls();
         testAllImpls();
 
--- a/test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java	Thu May 19 11:13:52 2016 +0200
+++ b/test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java	Thu May 19 04:20:08 2016 -0700
@@ -1,5 +1,6 @@
 /*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, 2016, Oracle and/or its affiliates. All rights
+ * reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +24,7 @@
 
 /*
  * @test
- * @bug 6998583
+ * @bug 6998583 8141039
  * @summary NativeSeedGenerator is making 8192 byte read requests from
  *             entropy pool on each init.
  * @run main SeedGeneratorChoice
@@ -39,14 +40,24 @@
  * We should always fall back to the ThreadedSeedGenerator if exceptions
  * are encountered with user defined source of entropy.
  */
-
 import java.security.SecureRandom;
+import java.security.Security;
 
 public class SeedGeneratorChoice {
 
     public static void main(String... arguments) throws Exception {
-        byte[] bytes;
-        SecureRandom prng = SecureRandom.getInstance("SHA1PRNG");
-        bytes = prng.generateSeed(1);
+        for (String mech : new String[]{"SHA1PRNG", "Hash_DRBG", "HMAC_DRBG",
+            "CTR_DRBG"}) {
+
+            SecureRandom prng = null;
+            if (!mech.contains("_DRBG")) {
+                prng = SecureRandom.getInstance(mech);
+            } else {
+                Security.setProperty("securerandom.drbg.config", mech);
+                prng = SecureRandom.getInstance("DRBG");
+            }
+            prng.generateSeed(1);
+        }
     }
+
 }