Code review request: 7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done

Vincent Ryan vincent.x.ryan at oracle.com
Wed Feb 8 09:18:22 UTC 2012


Please review the following change:
  http://cr.openjdk.java.net/~vinnie/7142339/webrev.00/

for http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7142339

It employs lazy initialization to avoid the overhead of creating a secure
random number generator in code that never uses signature timestamping.

Thanks.



More information about the security-dev mailing list