7167656: Multiple Seeders are being created
Reviewed-by: smarks, mduigou, ahgross
--- a/jdk/src/share/classes/sun/security/provider/SecureRandom.java Thu Sep 06 17:27:56 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/SecureRandom.java Mon May 21 15:42:15 2012 -0700
@@ -56,12 +56,6 @@
private static final long serialVersionUID = 3581829991155417889L;
- /**
- * This static object will be seeded by SeedGenerator, and used
- * to seed future instances of SecureRandom
- */
- private static SecureRandom seeder;
-
private static final int DIGEST_SIZE = 20;
private transient MessageDigest digest;
private byte[] state;
@@ -173,6 +167,28 @@
}
/**
+ * This static object will be seeded by SeedGenerator, and used
+ * to seed future instances of SHA1PRNG SecureRandoms.
+ *
+ * Bloch, Effective Java Second Edition: Item 71
+ */
+ private static class SeederHolder {
+
+ private static final SecureRandom seeder;
+
+ static {
+ /*
+ * Call to SeedGenerator.generateSeed() to add additional
+ * seed material (likely from the Native implementation).
+ */
+ seeder = new SecureRandom(SeedGenerator.getSystemEntropy());
+ byte [] b = new byte[DIGEST_SIZE];
+ SeedGenerator.generateSeed(b);
+ seeder.engineSetSeed(b);
+ }
+ }
+
+ /**
* Generates a user-specified number of random bytes.
*
* @param bytes the array to be filled in with random bytes.
@@ -183,13 +199,8 @@
byte[] output = remainder;
if (state == null) {
- if (seeder == null) {
- seeder = new SecureRandom(SeedGenerator.getSystemEntropy());
- seeder.engineSetSeed(engineGenerateSeed(DIGEST_SIZE));
- }
-
byte[] seed = new byte[DIGEST_SIZE];
- seeder.engineNextBytes(seed);
+ SeederHolder.seeder.engineNextBytes(seed);
state = digest.digest(seed);
}