[crac] RFR: Reseed secure random on checkpoint restore [v7]
Anton Kozlov
akozlov at openjdk.java.net
Fri Jan 28 13:45:45 UTC 2022
On Fri, 28 Jan 2022 12:55:12 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> Proposed changes in the SecureRandom implementation allow invalidating and reseeding SHA1PRNG secure random during checkpoint/restore. SHA1PRNG can be invalidated and reseeded in case of being created with a default embedded seed generator. Also, SHA1PRNG is used as an additional seed generator to the SUN NativePRNG implementation, so it is desirable to have reseeded SHA1PRNG after restore.
>> Two jtreg tests added:
>> - verify if no deadlocks introduced by checkpoint/restore
>> - verify if SHA1PRNG is reseeded if created with default embedded seed generator
>
> Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
>
> Exclude CheckpointException from import
Looks good to me!
-------------
Marked as reviewed by akozlov (Lead).
PR: https://git.openjdk.java.net/crac/pull/7
More information about the crac-dev
mailing list