Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
bd490f3a
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
bd490f3a
编写于
12月 10, 2010
作者:
C
coffeys
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
6998583: NativeSeedGenerator is making 8192 byte read requests from entropy pool on each init.
Reviewed-by: wetmore, andrew, vinnie
上级
be15e466
变更
3
显示空白变更内容
内联
并排
Showing
3 changed file
with
124 addition
and
39 deletion
+124
-39
src/share/classes/sun/security/provider/SeedGenerator.java
src/share/classes/sun/security/provider/SeedGenerator.java
+70
-33
src/windows/classes/sun/security/provider/NativeSeedGenerator.java
...ws/classes/sun/security/provider/NativeSeedGenerator.java
+2
-6
test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java
.../security/provider/SeedGenerator/SeedGeneratorChoice.java
+52
-0
未找到文件。
src/share/classes/sun/security/provider/SeedGenerator.java
浏览文件 @
bd490f3a
/*
/*
* Copyright (c) 1996, 20
09
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 20
10
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -138,13 +138,7 @@ abstract class SeedGenerator {
...
@@ -138,13 +138,7 @@ abstract class SeedGenerator {
instance
.
getSeedBytes
(
result
);
instance
.
getSeedBytes
(
result
);
}
}
void
getSeedBytes
(
byte
[]
result
)
{
abstract
void
getSeedBytes
(
byte
[]
result
);
for
(
int
i
=
0
;
i
<
result
.
length
;
i
++)
{
result
[
i
]
=
getSeedByte
();
}
}
abstract
byte
getSeedByte
();
/**
/**
* Retrieve some system information, hashed.
* Retrieve some system information, hashed.
...
@@ -369,6 +363,13 @@ abstract class SeedGenerator {
...
@@ -369,6 +363,13 @@ abstract class SeedGenerator {
}
}
}
}
@Override
void
getSeedBytes
(
byte
[]
result
)
{
for
(
int
i
=
0
;
i
<
result
.
length
;
i
++)
{
result
[
i
]
=
getSeedByte
();
}
}
byte
getSeedByte
()
{
byte
getSeedByte
()
{
byte
b
=
0
;
byte
b
=
0
;
...
@@ -455,8 +456,7 @@ abstract class SeedGenerator {
...
@@ -455,8 +456,7 @@ abstract class SeedGenerator {
static
class
URLSeedGenerator
extends
SeedGenerator
{
static
class
URLSeedGenerator
extends
SeedGenerator
{
private
String
deviceName
;
private
String
deviceName
;
private
BufferedInputStream
devRandom
;
private
InputStream
devRandom
;
/**
/**
* The constructor is only called once to construct the one
* The constructor is only called once to construct the one
...
@@ -478,41 +478,78 @@ abstract class SeedGenerator {
...
@@ -478,41 +478,78 @@ abstract class SeedGenerator {
private
void
init
()
throws
IOException
{
private
void
init
()
throws
IOException
{
final
URL
device
=
new
URL
(
deviceName
);
final
URL
device
=
new
URL
(
deviceName
);
devRandom
=
java
.
security
.
AccessController
.
doPrivileged
(
new
java
.
security
.
PrivilegedAction
<
BufferedInputStream
>()
{
public
BufferedInputStream
run
()
{
try
{
try
{
return
new
BufferedInputStream
(
device
.
openStream
());
devRandom
=
java
.
security
.
AccessController
.
doPrivileged
}
catch
(
IOException
ioe
)
{
(
new
java
.
security
.
PrivilegedExceptionAction
<
InputStream
>()
{
return
null
;
public
InputStream
run
()
throws
IOException
{
/*
* return a FileInputStream for file URLs and
* avoid buffering. The openStream() call wraps
* InputStream in a BufferedInputStream which
* can buffer up to 8K bytes. This read is a
* performance issue for entropy sources which
* can be slow to replenish.
*/
if
(
device
.
getProtocol
().
equalsIgnoreCase
(
"file"
))
{
File
deviceFile
=
getDeviceFile
(
device
);
return
new
FileInputStream
(
deviceFile
);
}
else
{
return
device
.
openStream
();
}
}
}
}
});
});
}
catch
(
Exception
e
)
{
throw
new
IOException
(
"Failed to open "
+
deviceName
,
e
.
getCause
());
}
}
if
(
devRandom
==
null
)
{
/*
throw
new
IOException
(
"failed to open "
+
device
);
* Use a URI to access this File. Previous code used a URL
* which is less strict on syntax. If we encounter a
* URISyntaxException we make best efforts for backwards
* compatibility. e.g. space character in deviceName string.
*
* Method called within PrivilegedExceptionAction block.
*/
private
File
getDeviceFile
(
URL
device
)
throws
IOException
{
try
{
URI
deviceURI
=
device
.
toURI
();
if
(
deviceURI
.
isOpaque
())
{
// File constructor does not accept opaque URI
URI
localDir
=
new
File
(
System
.
getProperty
(
"user.dir"
)).
toURI
();
String
uriPath
=
localDir
.
toString
()
+
deviceURI
.
toString
().
substring
(
5
);
return
new
File
(
URI
.
create
(
uriPath
));
}
else
{
return
new
File
(
deviceURI
);
}
}
catch
(
URISyntaxException
use
)
{
/*
* Make best effort to access this File.
* We can try using the URL path.
*/
return
new
File
(
device
.
getPath
());
}
}
}
}
byte
getSeedByte
()
{
@Override
byte
b
[]
=
new
byte
[
1
];
void
getSeedBytes
(
byte
[]
result
)
{
int
stat
;
int
len
=
result
.
length
;
int
read
=
0
;
try
{
try
{
stat
=
devRandom
.
read
(
b
,
0
,
b
.
length
);
while
(
read
<
len
)
{
int
count
=
devRandom
.
read
(
result
,
read
,
len
-
read
);
// /dev/random blocks - should never have EOF
if
(
count
<
0
)
throw
new
InternalError
(
"URLSeedGenerator "
+
deviceName
+
" reached end of file"
);
read
+=
count
;
}
}
catch
(
IOException
ioe
)
{
}
catch
(
IOException
ioe
)
{
throw
new
InternalError
(
"URLSeedGenerator "
+
deviceName
+
throw
new
InternalError
(
"URLSeedGenerator "
+
deviceName
+
" generated exception: "
+
" generated exception: "
+
ioe
.
getMessage
());
ioe
.
getMessage
());
}
}
if
(
stat
==
b
.
length
)
{
return
b
[
0
];
}
else
if
(
stat
==
-
1
)
{
throw
new
InternalError
(
"URLSeedGenerator "
+
deviceName
+
" reached end of file"
);
}
else
{
throw
new
InternalError
(
"URLSeedGenerator "
+
deviceName
+
" failed read"
);
}
}
}
}
}
...
...
src/windows/classes/sun/security/provider/NativeSeedGenerator.java
浏览文件 @
bd490f3a
/*
/*
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002,
2010,
Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -53,6 +53,7 @@ class NativeSeedGenerator extends SeedGenerator {
...
@@ -53,6 +53,7 @@ class NativeSeedGenerator extends SeedGenerator {
*/
*/
private
static
native
boolean
nativeGenerateSeed
(
byte
[]
result
);
private
static
native
boolean
nativeGenerateSeed
(
byte
[]
result
);
@Override
void
getSeedBytes
(
byte
[]
result
)
{
void
getSeedBytes
(
byte
[]
result
)
{
// fill array as a side effect
// fill array as a side effect
if
(
nativeGenerateSeed
(
result
)
==
false
)
{
if
(
nativeGenerateSeed
(
result
)
==
false
)
{
...
@@ -62,9 +63,4 @@ class NativeSeedGenerator extends SeedGenerator {
...
@@ -62,9 +63,4 @@ class NativeSeedGenerator extends SeedGenerator {
}
}
}
}
byte
getSeedByte
()
{
byte
[]
b
=
new
byte
[
1
];
getSeedBytes
(
b
);
return
b
[
0
];
}
}
}
test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java
0 → 100644
浏览文件 @
bd490f3a
/*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
* ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 6998583
* @summary NativeSeedGenerator is making 8192 byte read requests from
* entropy pool on each init.
* @run main SeedGeneratorChoice
* @run main/othervm -Djava.security.egd=file:/dev/random SeedGeneratorChoice
* @run main/othervm -Djava.security.egd=file:filename SeedGeneratorChoice
*/
/*
* Side testcase introduced to ensure changes for 6998583 will always
* succeed in falling back to ThreadedSeedGenerator if issues are found
* with the native OS generator request. We should never see an exception
* causing exit.
* We should always fall back to the ThreadedSeedGenerator if exceptions
* are encountered with user defined source of entropy.
*/
import
java.security.SecureRandom
;
public
class
SeedGeneratorChoice
{
public
static
void
main
(
String
...
arguments
)
throws
Exception
{
byte
[]
bytes
;
SecureRandom
prng
=
SecureRandom
.
getInstance
(
"SHA1PRNG"
);
bytes
=
prng
.
generateSeed
(
1
);
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录