[crac] RFR: Reseed secure random on checkpoint restore [v5]
Alexey Bakhtin
abakhtin at openjdk.java.net
Thu Jan 27 09:00:44 UTC 2022
> Proposed changes in the SecureRandom implementation allow invalidating and reseeding SHA1PRNG secure random during checkpoint/restore. SHA1PRNG can be invalidated and reseeded in case of being created with a default embedded seed generator. Also, SHA1PRNG is used as an additional seed generator to the SUN NativePRNG implementation, so it is desirable to have reseeded SHA1PRNG after restore.
> Two jtreg tests added:
> - verify if no deadlocks introduced by checkpoint/restore
> - verify if SHA1PRNG is reseeded if created with default embedded seed generator
Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
Added assert in SecureRandom.invalidate()
-------------
Changes:
- all: https://git.openjdk.java.net/crac/pull/7/files
- new: https://git.openjdk.java.net/crac/pull/7/files/3ade9580..8e7944f9
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=crac&pr=7&range=04
- incr: https://webrevs.openjdk.java.net/?repo=crac&pr=7&range=03-04
Stats: 2 lines in 1 file changed: 1 ins; 0 del; 1 mod
Patch: https://git.openjdk.java.net/crac/pull/7.diff
Fetch: git fetch https://git.openjdk.java.net/crac pull/7/head:pull/7
PR: https://git.openjdk.java.net/crac/pull/7
More information about the crac-dev
mailing list