On Dec 2, 2014, at 5:42 PM, Peter Levart <peter.lev...@gmail.com> wrote:
> On 12/02/2014 11:02 AM, Paul Sandoz wrote: >> Hi, >> >> Please find below a patch to remove the networking code computing a seed in >> ThreadLocal/SplittableRandom. >> >> We thought it a good idea at the time :-) but subsequently on certain >> platforms this results in very high initalization costs that can propagate >> to other classes such as ConcurrentSkipList*. >> >> The short-term solution is to remove this code and fallback just using >> current system time. This needs to be back-ported to 8u40. >> >> A longer term solution is to provide a simple public API to get access to >> some seed bytes that is optimal for the underlying platform, for example, >> based on Peter's investigations. For linux /dev/urandom is sufficient as a >> source of bytes. The main problem seems to be Windows. It would also be nice >> to back-port to say 8u60 using a private API and update TLR/SR. > > Hi, > > Here's a proof of concept for an API that just delegates to system-provided > "cryptographically secure" (as declared by the system(s)) pseudo random > number generator: > > http://cr.openjdk.java.net/~plevart/jdk9-dev/SystemRandom/webrev.01/ > That's rather good. I updated the bug with a link to your email. Paul.
