16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.provider;
27
28 import java.io.*;
29 import java.net.*;
30 import java.security.*;
31 import java.util.Arrays;
32
33 import sun.security.util.Debug;
34
35 /**
36 * Native PRNG implementation for Solaris/Linux/MacOS.
37 * <p>
38 * It obtains seed and random numbers by reading system files such as
39 * the special device files /dev/random and /dev/urandom. This
40 * implementation respects the {@code securerandom.source} Security
41 * property and {@code java.security.egd} System property for obtaining
42 * seed material. If the file specified by the properties does not
43 * exist, /dev/random is the default seed source. /dev/urandom is
44 * the default source of random numbers.
45 * <p>
46 * On some Unix platforms, /dev/random may block until enough entropy is
47 * available, but that may negatively impact the perceived startup
48 * time. By selecting these sources, this implementation tries to
49 * strike a balance between performance and security.
50 * <p>
51 * generateSeed() and setSeed() attempt to directly read/write to the seed
52 * source. However, this file may only be writable by root in many
53 * configurations. Because we cannot just ignore bytes specified via
54 * setSeed(), we keep a SHA1PRNG around in parallel.
55 * <p>
56 * nextBytes() reads the bytes directly from the source of random
|
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.provider;
27
28 import java.io.*;
29 import java.net.*;
30 import java.security.*;
31 import java.util.Arrays;
32
33 import sun.security.util.Debug;
34
35 /**
36 * Native PRNG implementation for Linux/MacOS.
37 * <p>
38 * It obtains seed and random numbers by reading system files such as
39 * the special device files /dev/random and /dev/urandom. This
40 * implementation respects the {@code securerandom.source} Security
41 * property and {@code java.security.egd} System property for obtaining
42 * seed material. If the file specified by the properties does not
43 * exist, /dev/random is the default seed source. /dev/urandom is
44 * the default source of random numbers.
45 * <p>
46 * On some Unix platforms, /dev/random may block until enough entropy is
47 * available, but that may negatively impact the perceived startup
48 * time. By selecting these sources, this implementation tries to
49 * strike a balance between performance and security.
50 * <p>
51 * generateSeed() and setSeed() attempt to directly read/write to the seed
52 * source. However, this file may only be writable by root in many
53 * configurations. Because we cannot just ignore bytes specified via
54 * setSeed(), we keep a SHA1PRNG around in parallel.
55 * <p>
56 * nextBytes() reads the bytes directly from the source of random
|