Code review request, CR 7145837, jsse/runtime, a little performance improvement on the usage of SecureRandom
Brad Wetmore
bradford.wetmore at oracle.com
Wed Feb 15 23:28:43 UTC 2012
Looks ok to me too, but it seems a shame to keep this SecureRandom
instance for a single test (AES_256) during cipher initialization. Once
the condition is test, and the result is added to the cache, the
SecureRandom instance is never used again.
Brad
On 2/15/2012 8:03 AM, Chris Hegarty wrote:
> Looks fine to me, but I'm sure someone closer to the security area may
> also want to review.
>
> -Chris.
>
> On 15/02/2012 15:45, Xuelei Fan wrote:
>> I believe I have replied the mail. But cannot find the mail in the mail
>> system. It's weird.
>>
>> New webrev: http://cr.openjdk.java.net/~xuelei/7145837/webrev.01/.
>>
>> Moved secureRandom into BulkCipher block.
>>
>> Thanks,
>> Xuelei
>>
>>
>> On 2/15/2012 11:06 PM, Chris Hegarty wrote:
>>> Just out of curiosity, why is secureRandom defined in the outer class
>>> rather than privately in BulkCipher??
>>>
>>> -Chris.
>>>
>>> On 15/02/2012 14:21, Xuelei Fan wrote:
>>>> webrev: http://cr.openjdk.java.net/~xuelei/7145837/webrev/
>>>>
>>>> To use only one instance of SecureRandom for dummy/useless CipherBox
>>>> initialization.
>>>>
>>>> Thanks,
>>>> Xuelei
More information about the security-dev
mailing list