On linux, new SecureRandom() uses /dev/urandom for nextBytes() calls
and /dev/random for generateSeed().
I've found no call to generateSeed, so no blocking calls.
I've also double checked with "strace -e trace=read -y -f <jvb command>"
and i only see /dev/urandom reads (no /dev/random)
and only for connections initialisation
We are not sure of ZrtpFortuna safety at 100%:
on my desktop dev machine ZrtpFortunaEntropyGatherer.setEntropy()
return false (audioCaptureDevice == null) which mean that no reseeding take place
Initial seeding is made with SecureRandom since
Profiling show no performance impact, so better use a know good CSPRNG
some discussion already took place in #108 and #98
You can view, comment on, or merge this pull request online at:
-- Commit Summary --
* Use SecureRandom instead of ZrtpFortuna in DtlsControlImpl
-- File Changes --
M src/org/jitsi/impl/neomedia/transform/dtls/DtlsControlImpl.java (46)
M src/org/jitsi/impl/neomedia/transform/dtls/DtlsPacketTransformer.java (5)
-- Patch Links --
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: