[crac] RFR: Reseed secure random on checkpoint restore [v3]

Alexey Bakhtin abakhtin at openjdk.java.net
Wed Jan 12 14:09:34 UTC 2022

> Proposed changes in the SecureRandom implementation allow invalidating and reseeding SHA1PRNG secure random during checkpoint/restore. SHA1PRNG can be invalidated and reseeded in case of being created with a default embedded seed generator. Also, SHA1PRNG is used as an additional seed generator to the SUN NativePRNG implementation, so it is desirable to have reseeded SHA1PRNG after restore.
> Two jtreg tests added: 
> - verify if no deadlocks introduced by checkpoint/restore
> - verify if SHA1PRNG is reseeded if created with default embedded seed generator

Alexey Bakhtin has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:

 - Set JDKResource priorities for SecureRandom
 - Merge branch 'crac' of https://github.com/openjdk/crac into SecureRandom
 - Add separate JDKResorce for seeder
 - Reseed secure random on checkpoint restore


  - all: https://git.openjdk.java.net/crac/pull/7/files
  - new: https://git.openjdk.java.net/crac/pull/7/files/e26d0b81..8e054933

 - full: https://webrevs.openjdk.java.net/?repo=crac&pr=7&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=crac&pr=7&range=01-02

  Stats: 272 lines in 13 files changed: 253 ins; 0 del; 19 mod
  Patch: https://git.openjdk.java.net/crac/pull/7.diff
  Fetch: git fetch https://git.openjdk.java.net/crac pull/7/head:pull/7

PR: https://git.openjdk.java.net/crac/pull/7

More information about the crac-dev mailing list