Update #5: JEP 123: SecureRandom Draft and Implementation.

Florian Weimer fweimer at redhat.com
Wed Apr 10 07:21:03 PDT 2013


On 04/10/2013 09:17 AM, Brad Wetmore wrote:
> Hi Xuelei/Weijun,
>
> Thanks for the comments.
>
> The version I plan to putback is:
>
>      http://cr.openjdk.java.net/~wetmore/6425477/webrev.05/

I wonder if this change to src/share/lib/security/java.security-linux

-securerandom.source=file:/dev/urandom
+securerandom.source=file:/dev/random

causes the return of the blocking behavior.  In the past, I saw 
/dev/random-related blocking during server start-up because too many 
SecureRandom instances needed seeding.  If I follow the code correctly, 
seeding of non-strong generators now uses /dev/random again, which is 
subject to blocking.

-- 
Florian Weimer / Red Hat Product Security Team


More information about the security-dev mailing list