RFR 8051408: JEP 273: DRBG-Based SecureRandom Implementations
Wang Weijun
weijun.wang at oracle.com
Wed Apr 20 14:27:52 UTC 2016
> On Apr 20, 2016, at 12:00 PM, Wang Weijun <weijun.wang at oracle.com> wrote:
>
>> src/java.base/share/classes/sun/security/provider/AbstractDrbg.java
>> ===================================================================
>> line 66-68: My understanding is that ...
>>
>> I would suggest rewording or removing this sentence. "Not used much" does
>> not mean needing no synchronization.
>
> Of course.
>
> Precisely, engineNextBytes() should synchronize on both states and configuration, and engineGenerateSeed() should synchronize only on configuration. But since engineGenerateSeed() is not used a lot, I don't think it's worth coding it with a special synchronize(configuration), so both now just synchronize on "this".
>
>> As you have added the synchronized
>> keyword for engineGenerateSeed, I may suggest you remove lines 63-68,
>> and move 57-61 to class description.
>
> I'll move 57-61 to class description, and would like to keep 63-68 there, and update the words "does not need to be synchronized" to "does not need to be synchronized on the internal states".

I rethought this and decided to make a big change.

Instead of reading from its own entropy source (in most cases just another DRBG), AbstractDrbg#engineGenerateSeed will read from SeedGenerator (the ultimate entropy source of all DRBGs) directly. Thus it is totally unrelated to this DRBG and the synchronized modifier will be removed. 63-68 will go too.

This is modeled after SHA1PRNG.

Thanks
Max