| Native PRNG implementation for Solaris/Linux. It interacts with
/dev/random and /dev/urandom, so it is only available if those
files are present. Otherwise, SHA1PRNG is used instead of this class.
getSeed() and setSeed() directly read/write /dev/random. However,
/dev/random is only writable by root in many configurations. Because
we cannot just ignore bytes specified via setSeed(), we keep a
SHA1PRNG around in parallel.
nextBytes() reads the bytes directly from /dev/urandom (and then
mixes them with bytes from the SHA1PRNG for the reasons explained
above). Reading bytes from /dev/urandom means that constantly get
new entropy the operating system has collected. This is a notable
advantage over the SHA1PRNG model, which acquires entropy only
initially during startup although the VM may be running for months.
Also note that we do not need any initial pure random seed from
/dev/random. This is an advantage because on some versions of Linux
it can be exhausted very quickly and could thus impact startup time.
Finally, note that we use a singleton for the actual work (RandomIO)
to avoid having to open and close /dev/[u]random constantly. However,
there may me many NativePRNG instances created by the JCA framework.
since:
1.5
version:
1.10, 05/05/07
author:
Andreas Sterbenz |
