[kaffe] SHA1PRNG synchronization w/ reseed
Timothy Stack
stack@cs.utah.edu
Tue Jan 20 15:30:03 2004
> 'lo all,
hi,
> an app I'm working on is gobbling up entropy like there's no tomorrow,
> and
> I've run into the following intermittently:
>
> java.lang.ArrayIndexOutOfBoundsException
> at java.lang.System.arraycopy (System.java)
> at kaffe.security.provider.SHA1PRNG.engineNextBytes (SHA1PRNG.java:153)
> at java.security.SecureRandom.nextBytes (SecureRandom.java:76)
> at java.security.SecureRandom.next (SecureRandom.java:83)
> at java.util.Random.nextInt (Random.java:108)
>
> After doing a little digging it seems that the SHA1PRNG impl isn't
> threadsafe (this.data, this.dataPos, and counter are updated during
> engineNextBytes, and this.seed as well as this.seedPos are updated during
> engineSetSeed)
So, I'm not quite sure if it is supposed to be thread-safe... Can you
point me to something? Anyways, I ended up just making setSeed/nextByte
synchronized, hopefully that works for you.
Also, I added some new stuff so that it initially pulls from
"/dev/urandom" if it is available. So, if you experience anything
strange, holler.
> hth,
> =jr
thanks!
tim