[ https://issues.apache.org/jira/browse/RNG-19?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16919576#comment-16919576 ]
Alex D Herbert commented on RNG-19: ----------------------------------- I think the idea was to replicate {{/dev/urandom}} which is a non blocking source of randomness on Linux platforms. The code: {code:java} new SecureRandom(byte[]); {code} will seed using the native system random generator but the built instance will just use the internal state and its SHA algorithm, i.e. there is no external entropy collection once built. [SecureRandom Algorithm Names|https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SecureRandom] States that: {code:java} SecureRandom.getInstance("NativePRNGNonBlocking") {code} Should work on as desired to gather data from {{/dev/urandom}}. However it is an algorithm not available on Windows. The docs do not state this but a quick web search will find lots of issues with code using this algorithm name on the Windows OS. One suggestion would be to add a system RNG that tries to create a SecureRandom using the name "NativePRNGNonBlocking". If it fails then it can throw an exception and would be documented as user beware. This will at least provide users with a UniformRandomProvider using the underlying OS. If it were to extend IntProvider it would not support the save/restore functionality correctly. There is no way to restore to a previous state since the state is not controlled within the JVM. It may be better to add a helper class/method such as: {code:java} public class RandomAdapter implements UniformRandomProvider { private final Random source; public RandomAdapter(Random source) { this.source = source; } // etc ... } // OR public static UniformRandomProvider wrap(final Random delegate) { return new UniformRandomProvider() { // ... }; } {code} This can wrap any external library that extends java.util.Random and would include SecureRandom. Note that Random is missing: - nextBytes(byte[], int, int) - nextLong(long) so these would have to be implemented. The user can then create the SecureRandom (or whatever) how they choose and use the wrapper to create a useable UniformRandomProvider. > System generator (/dev/random) > ------------------------------ > > Key: RNG-19 > URL: https://issues.apache.org/jira/browse/RNG-19 > Project: Commons RNG > Issue Type: Wish > Reporter: Emmanuel Bourg > Priority: Minor > > Commons RNG could include a random number generator based on the output of > /dev/random or /dev/urandom on Unix systems. > Commons Crypto has an implementation that could be used as a starting point: > https://github.com/apache/commons-crypto/blob/master/src/main/java/org/apache/commons/crypto/random/OsCryptoRandom.java -- This message was sent by Atlassian Jira (v8.3.2#803003)