What is the /dev/urandom equivalent on Windows JVM level

Recently, I run into troubles because the lack of entropy and blocking rand IO caused hangs. On Linux, I can do the following:

JAVA_OPTS=-Djava.security.egd=/dev/urandom ./myStartScript.sh

What is the equivalent on Windows? We are running the app on both Linux and Windows servers, linux servers using OpenJDK JRE and Windows servers using Oracle JRE.

I found a lot of suggestions about CryptGenRandom, but how can I pass that to the app on the JVM level?


Solution 1:

I found documentation in jre/lib/security/java.security that confirms this. Here is the quote

Select the primary source of seed data for the "SHA1PRNG" and "NativePRNG" SecureRandom implementations in the "Sun" provider. (Other SecureRandom implementations might also use this property.)

On Unix-like systems (for example, Solaris/Linux/MacOS), the "NativePRNG" and "SHA1PRNG" implementations obtains seed data from special device files such as file:/dev/random.

On Windows systems, specifying the URLs "file:/dev/random" or "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding mechanism for SHA1PRNG.

By default, an attempt is made to use the entropy gathering device specified by the "securerandom.source" Security property. If an exception occurs while accessing the specified URL:

 SHA1PRNG:
     the traditional system/thread activity algorithm will be used.

 NativePRNG:
     a default value of /dev/random will be used.  If neither
     are available, the implementation will be disabled.
     "file" is the only currently supported protocol type.