[crac] Integrated: Reseed secure random on checkpoint restore
abakhtin at openjdk.java.net
Mon Jan 31 09:31:49 UTC 2022
On Fri, 17 Dec 2021 13:38:18 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> Proposed changes in the SecureRandom implementation allow invalidating and reseeding SHA1PRNG secure random during checkpoint/restore. SHA1PRNG can be invalidated and reseeded in case of being created with a default embedded seed generator. Also, SHA1PRNG is used as an additional seed generator to the SUN NativePRNG implementation, so it is desirable to have reseeded SHA1PRNG after restore.
> Two jtreg tests added:
> - verify if no deadlocks introduced by checkpoint/restore
> - verify if SHA1PRNG is reseeded if created with default embedded seed generator
This pull request has now been integrated.
Author: Alexey Bakhtin <abakhtin at openjdk.org>
Committer: Anton Kozlov <akozlov at openjdk.org>
Stats: 258 lines in 4 files changed: 209 ins; 5 del; 44 mod
Reseed secure random on checkpoint restore
More information about the crac-dev