-
Enhancement
-
Resolution: Fixed
-
P4
-
None
-
b27
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8347175 | 17.0.15 | Goetz Lindenmaier | P4 | Resolved | Fixed | b01 |
JDK-8340594 | 11.0.26-oracle | Prasadarao Koppula | P4 | Resolved | Fixed | b01 |
JDK-8340647 | 8u441 | Prasadarao Koppula | P4 | Resolved | Fixed | b01 |
Setting java.security.egd to file:/dev/./urandom was necessary prior to JDK-6425477, which was fixed in JDK8.
We should double check, but I believe by default most of these cases were written back when SHA1PRNG was the default SecureRandom, and thus would need to be seeded from /dev/random which could block upon exhausting internal entropy. Newer cases might have been written by folks who were familiar with the "file:/dev/./urandom" workaround, which IIRC, no longer applies in JDK 8+. Since NativePRNG is the default in Linux, most of these override calls can probably just be removed.
java.security.egd is only used by SecureRandom#generateSeed, which is used for seeding non-native PRNGs and for seeding regular RNGs when java.util.secureRandomSeed=true
- backported by
-
JDK-8340594 Remove unnecessary java.security.egd overrides
-
- Resolved
-
-
JDK-8340647 Remove unnecessary java.security.egd overrides
-
- Resolved
-
-
JDK-8347175 Remove unnecessary java.security.egd overrides
-
- Resolved
-
- relates to
-
JDK-8296384 [TESTBUG] sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java intermittently timeout
-
- Resolved
-
-
JDK-8293858 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG
-
- Resolved
-
- links to
-
Commit openjdk/jdk/79d163d4
-
Commit(master) openjdk/jdk17u-dev/96100ad2
-
Review openjdk/jdk/10716
-
Review(master) openjdk/jdk17u-dev/3183