Code review request: 7142339: is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done

Xuelei Fan at
Wed Feb 8 01:35:25 PST 2012

Looks fine to me.

Interesting fix that making use of the class loading priorities.


On 2/8/2012 5:18 PM, Vincent Ryan wrote:
> Please review the following change:
> for
> It employs lazy initialization to avoid the overhead of creating a secure
> random number generator in code that never uses signature timestamping.
> Thanks.

More information about the security-dev mailing list