Changeset 896af2c


Ignore:
Timestamp:
Jun 25, 2016 10:20:27 PM (4 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
3baa08a
Parents:
2c3311b
Message:

Utils: Improve random seed initialization
Fallback to Random rather than try SecureRandom? twice
Fetch from SecureRandom? incrementally
Remove log warning

Location:
core/java/src/net/i2p/util
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/util/FortunaRandomSource.java

    r2c3311b r896af2c  
    1414import java.io.IOException;
    1515import java.security.SecureRandom;
     16import java.util.Random;
    1617
    1718import net.i2p.I2PAppContext;
     
    4142        } else {
    4243            // may block forever
    43             SecureRandom sr = new SecureRandom();
     44            //SecureRandom sr = new SecureRandom();
     45            // SecureRandom already failed in initSeed(), so try Random
     46            Random sr = new Random();
    4447            sr.nextBytes(seed);
    4548            _fortuna.seed(seed);
  • core/java/src/net/i2p/util/RandomSource.java

    r2c3311b r896af2c  
    196196                if (ok)
    197197                    System.arraycopy(tbuf, 0, buf, 0, buf.length);
    198                 else
    199                     System.out.println("INFO: SecureRandom init failed or took too long");
     198                // See FortunaRandomSource constructor for fallback
     199                //else
     200                //    System.out.println("INFO: SecureRandom init failed or took too long");
    200201            }
    201202        } catch (InterruptedException ie) {}
     
    219220    private static class SecureRandomInit implements Runnable {
    220221        private final byte[] buf;
     222        private static final int SZ = 64;
    221223
    222224        public SecureRandomInit(byte[] buf) {
     
    225227
    226228        public void run() {
    227             byte[] buf2 = new byte[buf.length];
     229            byte[] buf2 = new byte[SZ];
     230            // do this 64 bytes at a time, so if system is low on entropy we will
     231            // hopefully get something before the timeout
    228232            try {
    229                 SecureRandom.getInstance("SHA1PRNG").nextBytes(buf2);
    230                 synchronized(buf) {
    231                     System.arraycopy(buf2, 0, buf, 0, buf.length);
     233                SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
     234                for (int i = 0; i < buf.length; i += SZ) {
     235                    sr.nextBytes(buf2);
     236                    synchronized(buf) {
     237                        System.arraycopy(buf2, 0, buf, i, Math.min(SZ, buf.length - i));
     238                    }
    232239                }
    233240            } catch (NoSuchAlgorithmException e) {}
Note: See TracChangeset for help on using the changeset viewer.