ThreadLocalRandom clinit troubles

Doug Lea dl at
Thu Jun 26 23:10:22 UTC 2014

Peter: Thanks very much for attacking the shocking impact/complexity
of getting a few seed bits.

On 06/25/2014 01:41 PM, Peter Levart wrote:
> Peeking around in the package, I found there already is a
> minimal internal infrastructure for obtaining random seed. It's encapsulated in
> package-private abstract class with 4
> implementations. It turns out that, besides Java-only fall-back implementation
> called ThreadedSeedGenerator and generic URLSeedGenerator, there are also two
> implementations of NativeSeedGenerator (one for UNIX-es which is just an
> extension of URLSeedGenerator and the other for Windows which uses MS
> CryptoAPI). I made a few tweaks that allow this sub-infrastructure to be used
> directly in ThreadLocalRandom and SplittableRandom:

This seems to be the best idea yet, assuming that people are OK
with the changes to and


More information about the security-dev mailing list