RFR 8024253: ThreadLocal random can use SecureRandom for the initial seed

Peter Levart peter.levart at gmail.com
Mon Sep 16 15:06:42 UTC 2013


Hi Doug,

This seems reasonable for majority of environments.

Regards, Peter

On 09/16/2013 04:50 PM, Doug Lea wrote:
> On 09/16/2013 10:39 AM, Peter Levart wrote:
>
>> So perhaps the right strategy would be to get the hardware address of 
>> the 1st
>> interface that has it, but don't bother to search more than N interfaces
>
> Where N==2 seems to be the best policy, since at most loopback is
> legitimately null. Putting the suggestions together:
>
>     private static long initialSeed() {
>         String pp = java.security.AccessController.doPrivileged(
>                 new sun.security.action.GetPropertyAction(
>                         "java.util.secureRandomSeed"));
>         if (pp != null && pp.equalsIgnoreCase("true")) {
>             byte[] seedBytes = java.security.SecureRandom.getSeed(8);
>             long s = (long)(seedBytes[0]) & 0xffL;
>             for (int i = 1; i < 8; ++i)
>                 s = (s << 8) | ((long)(seedBytes[i]) & 0xffL);
>             return s;
>         }
>         long h = 0L;
>         try {
>             Enumeration<NetworkInterface> ifcs =
>                 NetworkInterface.getNetworkInterfaces();
>             boolean retry = false; // retry once if getHardwareAddress 
> is null
>             while (ifcs.hasMoreElements()) {
>                 NetworkInterface ifc = ifcs.nextElement();
>                 byte[] bs = ifc.getHardwareAddress();
>                 if (bs != null) {
>                     for (int i = 0; i < 8 && i < bs.length; ++i)
>                         h = (h << 8) ^ bs[i];
>                     break;
>                 }
>                 else if (!retry)
>                     retry = true;
>                 else
>                     break;
>             }
>         } catch (Exception ignore) {
>         }
>         return (mix64(h ^ System.currentTimeMillis()) ^
>                 mix64(System.nanoTime()));
>     }
>
>




More information about the core-libs-dev mailing list