On Sun, Nov 28, 2010 at 8:37 AM, Mark Thomas <ma...@apache.org> wrote:
> On 27/11/2010 21:01, Phil Steitz wrote: > > With this change to createRandom it is not clear to me what the value of > the > > reseeding is when the SecureRandom is not user-supplied. > > Maybe not a huge amount. > > > It would speed up initialization in the default case if > > the reseeding was only done for user-defined generators. Alternatively, > you > > could remove it altogether and doc the fact that user-supplied classes > are > > expected to be self-seeding. > > That makes sense but my focus right now isn't on performance at > initialisation but performance of session ID generation. I want to get > to the bottom of why SecureRandom on OSX was behaving as if it was > synchronized internally even though I didn't see any blocking in > YourKit. More importantly, does it behave the same way on Linux? More > testing is required. > > OK, sorry for the noise. I may be wrong, but I think the default on Linux at least used to be NativePRNG. Looking at the source for NativePRNG (e.g., [1]), it appears that it mixes entropy bytes from /dev/urandom on each call to engineNextBytes - not just at initialization, which could cause periodic waits on /dev/urandom. See [2] for more info. [1] h*ttp://s.apache.org/5KC <http://s.apache.org/5KC>* [2] http://s.apache.org/SRg Phil