Peter: Thanks very much for attacking the shocking impact/complexity of getting a few seed bits.
On 06/25/2014 01:41 PM, Peter Levart wrote:
Peeking around in the sun.security.provider package, I found there already is a minimal internal infrastructure for obtaining random seed. It's encapsulated in package-private abstract class sun.security.provider.SeedGenerator with 4 implementations. It turns out that, besides Java-only fall-back implementation called ThreadedSeedGenerator and generic URLSeedGenerator, there are also two implementations of NativeSeedGenerator (one for UNIX-es which is just an extension of URLSeedGenerator and the other for Windows which uses MS CryptoAPI). I made a few tweaks that allow this sub-infrastructure to be used directly in ThreadLocalRandom and SplittableRandom: http://cr.openjdk.java.net/~plevart/jdk9-dev/TLR_SR_SeedGenerator/webrev.01/
This seems to be the best idea yet, assuming that people are OK with the changes to sun.security.provider.SeedGenerator and NativeSeedGenerator.java -Doug