RFR 8051408: JEP 273: DRBG-Based SecureRandom Implementations
Wang Weijun
weijun.wang at oracle.com
Thu Apr 28 03:55:32 UTC 2016
http://cr.openjdk.java.net/~weijun/8051408/webrev.13
http://cr.openjdk.java.net/~weijun/8051408/webrev.13/spec
http://cr.openjdk.java.net/~weijun/8051408/webrev.13/specdiff
Another update.
1. Comment out health test for the moment.
2. Remove the following words in SecureRandom#nextBytes:
- * If the underlying implementation is prohibited from supplying a
- * full arrays worth of data, the application must repeatedly call
- * its generation algorithm until all elements in {@code bytes} are
- * filled with random data.
Instead, add these into SecureRandomSpi#engineNextBytes:
+ * Some random number generators can only generate a limit amount
+ * of random bytes per invocation. If the size of {@code bytes}
+ * is greater than this limit, the implementation should invoke
+ * the generation process multiple times to generate enough random bytes
+ * in a single {@code engineNextBytes} call.
Thanks
Max
More information about the security-dev
mailing list