JDK-6521844 : SecureRandom hangs on Linux Systems
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 6
  • Priority: P5
  • Status: Closed
  • Resolution: Fixed
  • OS: linux
  • CPU: x86
  • Submitted: 2007-02-06
  • Updated: 2020-01-06
  • Resolved: 2011-05-02
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 Other
7 b20Fixed OpenJDK6Fixed
Related Reports
Duplicate :  
JDK-8159221 - java.security.SecureRandom.generateSeed freeze when /dev/random is disabled
Duplicate :  
JDK-6577564 - Add notes on possible block of SecureRandom.generateSeed()/nextBytes()
Relates :  
JDK-6202721 - SHA1PRNG reads from /dev/random even if /dev/urandom selected
Relates :  
JDK-6708214 - java.security.SecureRandom.nextBytes() takes a long time.
Description
The JCK test api/java_security/SecureRandom/SecureRandomTests.html#misc
can hang on Linux platforms if there is no other activity on the system.

This bug appears to have been in the system for several releases.

This is caused by code in the NativePRNG.java file accessing /dev/random and blocking.
I believe these suspect code is this method. 

        private byte[] implGenerateSeed(int numBytes) 

On some Linux systems we get an initial stream of bytes from /dev/random that can
satisfy the Seed requirement but others return nothing unless there is additional system
activity.


/java/re/jdk/6.0/latest/ws/j2se/src/solaris/classes/sun/security/provider/NativePRNG.java

Although the JRE is supposed to support selecting /dev/urandom in the java.security properties file, this code appears to ignore this selection.  To attempt to work around this problem we have attempted to set the command line property:
 -Djava.security.egd=file:/dev/urandom 
and make sure that the java.security file contains this setting:
  securerandom.source=file:/dev/urandom

This still causes hangs on several Linux boxes tested.  The test can be made to pass if there is consistent mouse or keyboard activity.  This is obviously not an acceptable workaround.

If the user has selected a less secure random number source (/dev/urandom), our
SecureRandom implementation should honor that and not hang.

In addition to the JCK hangs, this problem could manifest itself with unacceptable performance degredation in customer applications that would be very difficult to diagnose.
Comments
EVALUATION Add clarifications into SecureRandom spec. Will also add details on Sun JDK implementations into the security guide.
14-11-2012
WORK AROUND set securerandom.source to file:/dev/./urandom as described in http://monaco.sfbay/detail.jsf?cr=6202721
03-03-2007
EVALUATION Hanging at generateSeed is not a bug, since that's what was designed: When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered. (Source: Linux Programmer's Manual, section 4) Alternatively, set securerandom.source to file:/dev/./urandom as described in http://monaco.sfbay/detail.jsf?cr=6202721
12-02-2007