Good idea. Will do that. Thanks.
Regards
Felix
On 06.09.2010 17:10, Justin Edelson wrote:
> How about adding a log message on component activation (if fast seeding
> is off) which says something like "The generation of securely random
> numbers on some operating systems can take up to several min
How about adding a log message on component activation (if fast seeding
is off) which says something like "The generation of securely random
numbers on some operating systems can take up to several minutes
depending upon environment factors. If this is a problem for you, set
the system property jav
Thanks for the feedback.
I committed the patch but did not enable the "fast seeding" by default
because I am not really sure how strong it is for general use.
But I have no strong feelings about it and if the general consensus is
to enable it by default, we can change this.
Regards
Felix
On 06.
Yes LvGTM, I like the MD5 of tmp names to create non sequential entropy.
I am almost tempted to say this should be on by default.
Ian
On 6 Sep 2010, at 10:57, Felix Meschberger wrote:
> Hi,
>
> I have implemented a different method to generate a seed value for the
> SecureRandom number generato
Hi,
I have implemented a different method to generate a seed value for the
SecureRandom number generator and attached to SLING-1729 [1]. This
method is not used by default and must be explicitly enabled using
configuration.
Does this make sense ?
Regards
Felix
[1]
https://issues.apache.org/jira
Hi,
I have run both your tests with no differing behaviour. I got
non-blocking results when setting the java.security.egd system property
as follows:
-Djava.security.egd=file:/dev/./urandom
Note "/./" notation, which seems to be required to not have Java use
/dev/urandom as an alias for /dev/
java.util.Random does not have enough entropy to be used for security purposes.
IIRC the sequence can be repeated as the seed is based on the epoch, and so is
predictable.
You could use it, but the keys would be predictable and since these keys are
used to generate the HMACs for all user logins,
Hi,
I remember now, so sorry for not referring to your earlier mail.
Regards
Felix
On 04.09.2010 00:50, Pontus Amberg wrote:
> Yes I have encountered it a while back [1] but I never had time to find
> the cause.
>
> /Pontus
>
> [1] http://sling.markmail.org/message/bs6npo3iyejetgz3
>
> On 201
Yes I have encountered it a while back [1] but I never had time to find
the cause.
/Pontus
[1] http://sling.markmail.org/message/bs6npo3iyejetgz3
On 2010-09-03 23:25, Felix Meschberger wrote:
Hi all,
I noticed slow (extremely slow, actually: something like 30seconds)
startup of the Form Auth
Hi all,
I noticed slow (extremely slow, actually: something like 30seconds)
startup of the Form Authentication Handler [1]. Tracking this down I
found, that the SecureRandom implementation uses /dev/random which may
block indefinitely to gather enough entropy to ensure secure random byte
stream.
10 matches
Mail list logo
