Setting -Djava.security.egd=file:/dev/urandom does not take effective in older versions of Java than JDK 8

Solution Verified - Updated

Environment

  • Java application using java.security.SecureRandom
  • OpenJDK
    • 6
    • 7
  • Oracle JDBC Driver

Issue

My java application using java.security.SecureRandom hangs like <https://access.redhat.com/solutions/34626>. To resolve the issue, I tried adding the system property -Djava.security.egd=file:/dev/urandom to use /dev/urandom instead of /dev/random. But it looks the setting does not take effective in Java 6 and 7.

Resolution

  • Specify -Djava.security.egd=file:/dev/./urandom instead of -Djava.security.egd=file:/dev/urandom
  • Upgrade to Java 8

Root Cause

Diagnostic Steps

  • You can reproduce the issue by using the following java program:

    import java.security.SecureRandom;
class JRand {
  public static void main(String args[]) throws Exception {
      System.out.println("Begin Test #1 with SecureRandom");
      System.out.println("     Result#1: " +
         SecureRandom.getInstance("SHA1PRNG").nextLong());
      System.out.println("End Test 1");
      System.out.println("Exiting Program"); 
  } 
}

  • Steps to reproduce:

    1. Compile the above code:

       javac JRand.java

    2. Repeat executing with -Djava.security.egd=file:/dev/urandom:

       while true; do java -Djava.security.egd=file:/dev/urandom JRand; sleep 1; done`

      This will hang after repeating several times.

    3. Repeat executing with -Djava.security.egd=file:/dev/./urandom:

       while true; do java -Djava.security.egd=file:/dev/./urandom JRand; sleep 1; done`

      This won't hang.

SBR
Product(s)
Category
Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.