RFR 8154523: SHA1PRNG output should change after reset

Xuelei Fan xuelei.fan at oracle.com
Sun May 8 14:26:50 UTC 2016


On 5/8/2016 9:06 PM, Wang Weijun wrote:
> Ping again.
> 
>> On May 3, 2016, at 10:26 AM, Wang Weijun <weijun.wang at oracle.com> wrote:
>>
>> Hi All
>>
>> Please take a look at
>>
>>  http://cr.openjdk.java.net/~weijun/8154523/webrev.00
>>
>> Basically, a reset in SHA1PRNG should forget the internal state and cached output.
>>
The spec of SecureRandomSpi.engineSetSeed() says:

   The given seed supplements, rather than replaces, the existing seed.

If I understand correctly, reseed is not the same as reset.  It should
be OK to use the cached output for performance if the previous seed is OK.

Xuelei
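
A check for the two behaviours discussed in this thread, as an added example that is not part of the original message or of the webrev: whether SHA1PRNG hands out output cached before a setSeed() call, and whether setSeed() supplements or replaces the earlier seed. The class name and both seed values are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical class name; the seeds below are constructed sample values.
public class Sha1PrngReseedCheck {
    static final byte[] SEED = "constructed-seed-1".getBytes(StandardCharsets.UTF_8);
    static final byte[] EXTRA = "constructed-seed-2".getBytes(StandardCharsets.UTF_8);

    // Seeding SHA1PRNG before its first output makes the stream deterministic.
    static SecureRandom seeded(byte[] seed) throws Exception {
        SecureRandom r = SecureRandom.getInstance("SHA1PRNG");
        r.setSeed(seed);
        return r;
    }

    static byte[] next(SecureRandom r, int n) {
        byte[] out = new byte[n];
        r.nextBytes(out);
        return out;
    }

    public static void main(String[] args) throws Exception {
        SecureRandom reseeded = seeded(SEED);
        SecureRandom twin = seeded(SEED); // same seed, never reseeded

        // SHA-1 produces 20 bytes per round; taking 4 leaves 16 that may be cached.
        if (!Arrays.equals(next(reseeded, 4), next(twin, 4))) {
            throw new IllegalStateException("identically seeded instances diverged");
        }
        reseeded.setSeed(EXTRA);
        // Equal here means the bytes after setSeed() came from the pre-reseed cache.
        boolean cacheServed = Arrays.equals(next(reseeded, 16), next(twin, 16));
        System.out.println("cached output served after setSeed: " + cacheServed);

        // Supplement vs. replace: if EXTRA replaced the old seed, a drained and
        // reseeded instance would match one seeded with EXTRA alone.
        SecureRandom drained = seeded(SEED);
        next(drained, 20); // consume one whole round so no partial round is left
        drained.setSeed(EXTRA);
        boolean replaced = Arrays.equals(next(drained, 20), next(seeded(EXTRA), 20));
        System.out.println("setSeed replaced the earlier seed: " + replaced);
    }
}
```

With the supplement semantics quoted from the SecureRandomSpi.engineSetSeed() spec, the second line prints false; the first line reports which cached-output behaviour the running JDK has.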