Update #5: JEP 123: SecureRandom Draft and Implementation.
Florian Weimer
fweimer at redhat.com
Thu Apr 11 10:12:41 UTC 2013
On 04/11/2013 12:07 AM, Brad Wetmore wrote:
> Hi Florian,
>
> > I wonder if this change to src/share/lib/security/java.security-linux
> >
> > -securerandom.source=file:/dev/urandom
> > +securerandom.source=file:/dev/random
> >
> > causes the return of the blocking behavior.
>
> Welcome to my "can of worms." [1] I hope everything I've said below is
> correct, and haven't made any typos!
Yay for crypto pluggability. 8-/
Rather than trying to find out what the code does, I tested your changes
on Fedora 18, and here is what I found:
new SecureRandom() does not block for seeding. It reads straight from
/dev/urandom, so it may have some impact on the kernel entropy pool.
SecureRandom.getInstance("SHA1PRNG") may block for seeding, but only
once during startup. After that, it does not obtain entropy from the
kernel.
This matches the behavior of OpenJDK 7 in that Fedora version.
However, I noticed that /dev/{u,}random is opened three times each (and
the file descriptors are kept open).
--
Florian Weimer / Red Hat Product Security Team
More information about the security-dev
mailing list