On 01/05/12 01:02, Bill Pugh wrote:
> So I think the right thing to do is to abandon the original patch, and instead
> make the following changes:
> * add the following method to BigInteger: public boolean
>   isProbablePrime(int certainty, Random end), which allows primality
>   testing with arbitrary Random objects. In many cases, using a well seeded
>   normal Random object will work just fine, and this will give users the
>   ability to provide their own Random objects.
> * Document SecureRandom to note that all instances of SecureRandom depend on
>   a common shared source of randomness, and thus it can be a concurrency
>   bottleneck.
> * Document that BigInteger.isProbablePrime(int certainty) is a concurrency
>   bottleneck.
This all sounds perfect to me.
Joe Darcy - do you have any thoughts?
> * Add java.util.concurrent.MostlySecureRandom which uses /dev/random for
>   seeding, and uses only the SHA1PRNG implementation provided by
>   sun.security.provider.SecureRandom to generate subsequent randomness. Feel
>   free to pick a name other than MostlySecureRandom. After the initial
>   seeding, calls to generate randomness using a MostlySecureRandom should
>   not use any shared values.
I think the only question is whether, given low expected usage, it would be
OK just to explain how to do this in some javadoc, and also provide it in some
jsr166<n>.extras package.
-Doug
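
Added example, not part of the original message and not code from the JDK or jsr166: one way the "seed once from /dev/random, then share nothing" idea can be written against the existing public API. The class name PerThreadPrng, the 32-byte seed size and the thread count are assumptions; it also assumes a Unix-like host and a provider that supplies SHA1PRNG.

```java
import java.io.DataInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical class name; illustrates the "seed once, then share nothing" idea.
public class PerThreadPrng {
    // Assumptions: a Unix-like host with /dev/random, and a 32-byte seed.
    private static final String SEED_SOURCE = "/dev/random";
    private static final int SEED_BYTES = 32;

    // One generator per thread, so generation never contends on a shared lock.
    private static final ThreadLocal<SecureRandom> PRNG =
            ThreadLocal.withInitial(PerThreadPrng::newSeeded);

    static SecureRandom newSeeded() {
        byte[] seed = new byte[SEED_BYTES];
        try (DataInputStream in = new DataInputStream(new FileInputStream(SEED_SOURCE))) {
            in.readFully(seed); // may block until the kernel pool is initialised
            SecureRandom prng = SecureRandom.getInstance("SHA1PRNG");
            // setSeed before the first nextBytes: the instance is seeded only
            // from these bytes and does not self-seed on first use.
            prng.setSeed(seed);
            return prng;
        } catch (IOException | NoSuchAlgorithmException e) {
            throw new IllegalStateException("cannot create seeded SHA1PRNG", e);
        } finally {
            Arrays.fill(seed, (byte) 0); // do not leave seed material in memory
        }
    }

    public static void main(String[] args) throws InterruptedException {
        Thread[] workers = new Thread[4];
        for (int i = 0; i < workers.length; i++) {
            workers[i] = new Thread(() -> {
                // probablePrime(int, Random) runs its primality tests with the
                // supplied generator, here the calling thread's own instance.
                BigInteger p = BigInteger.probablePrime(512, PRNG.get());
                System.out.println(Thread.currentThread().getName()
                        + ": " + p.bitLength() + "-bit probable prime");
            });
            workers[i].start();
        }
        for (Thread t : workers) t.join();
    }
}
```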