Update #5: JEP 123: SecureRandom Draft and Implementation.
Florian Weimer
fweimer at redhat.com
Wed Apr 10 14:21:03 UTC 2013
On 04/10/2013 09:17 AM, Brad Wetmore wrote:
> Hi Xuelei/Weijun,
>
> Thanks for the comments.
>
> The version I plan to putback is:
>
> http://cr.openjdk.java.net/~wetmore/6425477/webrev.05/
I wonder if this change to src/share/lib/security/java.security-linux
-securerandom.source=file:/dev/urandom
+securerandom.source=file:/dev/random
causes the return of the blocking behavior. In the past, I saw
/dev/random-related blocking during server start-up because too many
SecureRandom instances needed seeding. If I follow the code correctly,
seeding of non-strong generators now uses /dev/random again, which is
subject to blocking.
--
Florian Weimer / Red Hat Product Security Team
More information about the security-dev
mailing list