Code review request: 7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done

Brad Wetmore bradford.wetmore at oracle.com
Wed Feb 8 20:54:36 UTC 2012


Still looks good, thanks for making the minor style corrections.  :)

Cheers,

Brad



On 2/8/2012 1:18 AM, Vincent Ryan wrote:
> Please review the following change:
>    http://cr.openjdk.java.net/~vinnie/7142339/webrev.00/
>
> for http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7142339
>
> It employs lazy initialization to avoid the overhead of creating a secure
> random number generator in code that never uses signature timestamping.
>
> Thanks.



More information about the security-dev mailing list