In a security system, we usually use SecureRandom to generate more secure random numbers, and the algorithm SecureRandom uses by default is SHA1PRNG.
Random number generators in Linux
In the Linux operating system, there are special device files that can be used as a random number generator or pseudo-random number generator.
/dev/random
On reading, the /dev/random device returns random bytes within the total amount of noise in the entropy pool. /dev/random can be used to generate a high-randomness public key or one-time pad. If the entropy pool is empty, a read on /dev/random blocks until sufficient ambient noise has been collected from other devices.
You can also make it non-blocking by passing the O_NONBLOCK flag to open; then, if the entropy pool is empty, read returns -1.
/dev/urandom
The counterpart of /dev/random is /dev/urandom ("unlocked", a non-blocking random number generator), which reuses the data in the entropy pool to produce pseudo-random data. This means that a read on /dev/urandom does not block, but its output may contain less entropy than that of /dev/random. It can be used as a pseudo-random number generator for generating lower-strength passwords and is not recommended for generating strong long-term passwords.
Configuring random numbers under Linux
/proc/sys/kernel/random
In this directory, you can configure the parameters of /dev/random.
poolsize
The file poolsize gives the size of the entropy pool.
read_wakeup_threshold
The file read_wakeup_threshold contains the number of bits of entropy required for waking up processes that sleep waiting for entropy from /dev/random. The default is 64.
write_wakeup_threshold
The file write_wakeup_threshold contains the number of bits of entropy below which we wake up processes that do a select(2) or poll(2) for write access to /dev/random.
Configuring the generator in Java
In Java, you can specify the random number source in two ways.
1. -Djava.security.egd=file:/dev/random or -Djava.security.egd=file:/dev/urandom
2. Modify the configuration file java.security in JVM_HOME\jre\lib\security
Parameter securerandom.source=file:/dev/urandom
/dev/random blocks: a read blocks when the entropy pool is empty, which hurts performance, especially when the system generates random numbers under high concurrency. If the randomness requirement is not high, you can read /dev/urandom instead.
The entire process is as follows:
Java first reads the system property java.security.egd. If its value is empty, it reads the securerandom.source parameter from the java.security configuration file. Under normal circumstances it is securerandom.source that gets read, and its default value is /dev/urandom, which should mean that reads do not block.
But in reality, when testing in a Linux environment, you will find that the default still blocks.
Look at the code in sun.security.provider.SeedGenerator.java:
    // Exact match on either device URL selects the native generator
    if (egdSource.equals(URL_DEV_RANDOM) || egdSource.equals(URL_DEV_URANDOM)) {
        try {
            instance = new NativeSeedGenerator();
            if (debug != null) {
                debug.println("the Instance:" + instance.getClass());
                debug.println("Using operating system seed generator");
            }
        } catch (IOException e) {
            if (debug != null) {
                debug.println("Failed to use operating system seed "
                              + "generator: " + e.toString());
            }
        }
    // Any other non-empty value is opened as a URL
    } else if (egdSource.length() != 0) {
        try {
            instance = new URLSeedGenerator(egdSource);
            if (debug != null) {
                debug.println("Using the URL seed generator reading from "
                              + egdSource);
            }
        } catch (IOException e) {
            if (debug != null)
                debug.println("Failed to create seed generator with "
                              + egdSource + ": " + e.toString());
        }
    }
You can see in the code that NativeSeedGenerator is used when the configured value is file:/dev/random or file:/dev/urandom, and the NativeSeedGenerator class under Linux is:
    class NativeSeedGenerator extends SeedGenerator.URLSeedGenerator {
        NativeSeedGenerator() throws IOException {
            super();
        }
    }
It simply inherits from URLSeedGenerator, and URLSeedGenerator's default constructor forces a read of the file /dev/random:
    URLSeedGenerator() throws IOException {
        this(SeedGenerator.URL_DEV_RANDOM);
    }
That is, even if you set -Djava.security.egd=file:/dev/urandom, the end result is that file:/dev/random is read. It is not clear whether this is a bug in the code or intentional. The workaround is quite interesting, though, because the code above matches the values file:/dev/random and file:/dev/urandom exactly.
On Linux, there are many ways to write the urandom path,
such as file:/dev/./urandom or file:/dev/../dev/urandom, so you can bypass Java's simple check. This should be a Java security bug.
Set
-Djava.security.egd=file:/dev/./urandom
and you bypass the protection: URLSeedGenerator is used to read the file /dev/./urandom, that is, /dev/urandom.
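The decision path described above, as an added example (not code from the JDK or from the original article): it models the quoted SeedGenerator logic to show which device each setting ends up reading, then reports the running JVM's own setting and times one seed request. The class name SeedSourceCheck and the sample settings are assumptions, and the modelled branch reflects only the JDK source quoted here, so other JDK versions may behave differently.

```java
import java.net.URI;
import java.nio.file.Paths;
import java.security.SecureRandom;
import java.security.Security;

// Added example (not JDK code): models the seed-source choice described above.
public class SeedSourceCheck {
    static final String URL_DEV_RANDOM = "file:/dev/random";
    static final String URL_DEV_URANDOM = "file:/dev/urandom";

    // Resolution order from the article: system property, then java.security.
    static String egdSource() {
        String egd = System.getProperty("java.security.egd", "");
        if (egd.isEmpty()) {
            String cfg = Security.getProperty("securerandom.source");
            egd = (cfg == null) ? "" : cfg;
        }
        return egd;
    }

    // Device that ends up being read, following the quoted SeedGenerator logic.
    static String effectiveDevice(String egd) {
        if (egd.equals(URL_DEV_RANDOM) || egd.equals(URL_DEV_URANDOM)) {
            // Exact match: NativeSeedGenerator, whose super() opens /dev/random.
            return "/dev/random";
        }
        if (!egd.startsWith("file:")) {
            return egd.isEmpty() ? "(none configured)" : egd;
        }
        // Any other spelling: URLSeedGenerator(egd) opens the path as written.
        String path = URI.create(egd).getPath();
        return path == null ? egd : Paths.get(path).normalize().toString();
    }

    public static void main(String[] args) {
        // Constructed sample settings, including the two alternative spellings.
        String[] samples = {URL_DEV_RANDOM, URL_DEV_URANDOM,
                "file:/dev/./urandom", "file:/dev/../dev/urandom"};
        for (String s : samples) {
            System.out.printf("%-26s -> %s%n", s, effectiveDevice(s));
        }
        String egd = egdSource();
        System.out.println("this JVM: '" + egd + "' -> " + effectiveDevice(egd));
        // Time one seed request; a long delay points at a blocking source.
        long start = System.nanoTime();
        new SecureRandom().generateSeed(8);
        System.out.printf("generateSeed(8): %d ms%n", (System.nanoTime() - start) / 1_000_000);
    }
}
```

Run it with and without -Djava.security.egd=file:/dev/./urandom on the target host to compare the reported source and the seed timing.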
TIP: Enable the security debug log
By setting the parameter
-Djava.security.debug=all
you can see all security logs on the console.
The implementation of SecureRandom in Java in Linux