I have some Java code which is creating a KeyPair using JCS and Bouncey Castle. When I create a keypair on a physical Linux system like my desktop it works fine. The key generation takes a second or two. When I run the same code on a VM the key gen usually "hangs" (I leave it running for up to 5 minutes). Sometimes it works in under 30 seconds but that's rare.
I'm guessing that this has something to do with not enough randomness being available on the VM, but I don't know how to work around this.
Here is the test code which is pulled from my actual program code and condensed:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class KeyPairCreateTester {
private static final String RANDOM_ALGO = "SHA1PRNG";
public static void main(String[] args) {
final String keyAlgo = "RSA";
final int keySize = 2048;
try {
System.out.printf("Creating random instance using %s\n", RANDOM_ALGO);
SecureRandom random = SecureRandom.getInstance(RANDOM_ALGO);
System.out.printf("Creating key using algo %s size %d\n", keyAlgo, keySize);
KeyPairGenerator keygen = KeyPairGenerator.getInstance(keyAlgo);
System.out.printf("Initialize\n");
keygen.initialize(keySize, random);
System.out.printf("Generating key\n");
KeyPair keyPair = keygen.generateKeyPair();
System.out.println("Success");
} catch (NoSuchAlgorithmException e) {
System.err.println("No such algo");
}
}
}
The "hang" occurs after "Generating key".
Adjusting the keySize down to even 512 has only minimal effect. At 512 the key is generated a few times more often but it still hangs most of the time for at least 5 minutes.
The physical machine and the VM are both Ubuntu 16.04.
Java is 1.8.0_72 + 1.8.0_101 (I tried both).
Would REALLY appreciate some pointers on this one. It's driving me crazy!
