ThreadLocalRandom clinit troubles

Doug Lea dl at cs.oswego.edu
Thu Jun 26 23:10:22 UTC 2014


Peter: Thanks very much for attacking the shocking impact/complexity
of getting a few seed bits.

On 06/25/2014 01:41 PM, Peter Levart wrote:
>
> Peeking around in the sun.security.provider package, I found there already is a
> minimal internal infrastructure for obtaining random seed. It's encapsulated in
> package-private abstract class sun.security.provider.SeedGenerator with 4
> implementations. It turns out that, besides Java-only fall-back implementation
> called ThreadedSeedGenerator and generic URLSeedGenerator, there are also two
> implementations of NativeSeedGenerator (one for UNIX-es which is just an
> extension of URLSeedGenerator and the other for Windows which uses MS
> CryptoAPI). I made a few tweaks that allow this sub-infrastructure to be used
> directly in ThreadLocalRandom and SplittableRandom:
>
> http://cr.openjdk.java.net/~plevart/jdk9-dev/TLR_SR_SeedGenerator/webrev.01/
>

This seems to be the best idea yet, assuming that people are OK
with the changes to sun.security.provider.SeedGenerator and
NativeSeedGenerator.java

-Doug





More information about the security-dev mailing list