commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Herbert <alex.d.herb...@gmail.com>
Subject Re: [commons-rng] branch master updated: Update SeedFactory use of SecureRandom to non-blocking on Linux systems.
Date Thu, 18 Jul 2019 12:21:25 GMT

On 18/07/2019 13:11, Gilles Sadowski wrote:
>   Hello Alex.
>
> Le jeu. 18 juil. 2019 à 13:54, <aherbert@apache.org> a écrit :
>> This is an automated email from the ASF dual-hosted git repository.
>>
>> aherbert pushed a commit to branch master
>> in repository https://gitbox.apache.org/repos/asf/commons-rng.git
>>
>>
>> The following commit(s) were added to refs/heads/master by this push:
>>       new 70c0929  Update SeedFactory use of SecureRandom to non-blocking on Linux
systems.
>> 70c0929 is described below
>>
>> commit 70c09297f771771ee341303530c80ca174f10307
>> Author: aherbert <aherbert@apache.org>
>> AuthorDate: Thu Jul 18 12:54:11 2019 +0100
>>
>>      Update SeedFactory use of SecureRandom to non-blocking on Linux systems.
>>
>>      See https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/
> The above says:
> ---CUT---
> The generateSeed method is not needed for a Native PRNG of any type,
> but it IS useful to seed a user space PRNG such as SHA1PRNG.
> ----CUT---
>
> IIRC, I assumed that when initializing the SeedFactory RNG, we were in
> that case.

I was seeing it block for 2min:30s on my machine on first usage of the 
SeedFactory. This occurs in the samplers package when running tests as 
the CombinationSamplerTest uses a RandomSource without a hard coded seed.

If I did this:

mvn test -Dtest=CombinationSamplerTest

It blocks.

If I did this:

mvn test -Dtest=CombinationSamplerTest 
-Djava.security.egd=file:/dev/./urandom

It ran with no problem.

IIUC the generateSeed() method will default to /dev/random on Linux. The 
old SeedFactory code only requested 64 bits. The new method is 
requesting 16 * 64 bits = 1024 bits. This is resulting in blocking 
behaviour.

If we call nextBytes then the default SecureRandom seeds itself and 
generates secure bytes. I can only assume that the number of bits to 
self seed is much smaller for the default algorithm so does not block. 
If it is SHA1 then it would be 160 bits.

I am happy to go for another solution. What we want to avoid is to have 
the SeedFactory block for minutes to create the default generator.

Alex


>
> Regards,
> Gilles
>
>
>> ---
>>   .../java/org/apache/commons/rng/simple/internal/SeedFactory.java     | 5 +++--
>>   1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/commons-rng-simple/src/main/java/org/apache/commons/rng/simple/internal/SeedFactory.java
b/commons-rng-simple/src/main/java/org/apache/commons/rng/simple/internal/SeedFactory.java
>> index 8802622..170c978 100644
>> --- a/commons-rng-simple/src/main/java/org/apache/commons/rng/simple/internal/SeedFactory.java
>> +++ b/commons-rng-simple/src/main/java/org/apache/commons/rng/simple/internal/SeedFactory.java
>> @@ -68,8 +68,9 @@ public final class SeedFactory {
>>           // Use a secure RNG so that different instances (e.g. in multiple JVM
>>           // instances started in rapid succession) will have different seeds.
>>           final SecureRandom seedGen = new SecureRandom();
>> -        final long[] seed = NumberFactory.makeLongArray(
>> -                seedGen.generateSeed(8 * XOR_SHIFT_1024_STATE_SIZE));
>> +        final byte[] bytes = new byte[8 * XOR_SHIFT_1024_STATE_SIZE];
>> +        seedGen.nextBytes(bytes);
>> +        final long[] seed = NumberFactory.makeLongArray(bytes);
>>           // The XorShift1024StarPhi generator cannot recover from an all zero seed
and
>>           // will produce low quality initial output if initialised with some zeros.
>>           // Ensure it is non zero at all array positions using a SplitMix64
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
> For additional commands, e-mail: dev-help@commons.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org


Mime
View raw message