RFR: 8260274: Cipher.init(int, key) does not use highest priority provider for random bytes
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Mon Mar 15 20:59:09 UTC 2021
On Mon, 15 Mar 2021 20:39:13 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> Can someone help review this somewhat trivial change?
>
> Updated JCAUtil class to return the cached SecureRandom object only when the provider configuration has not changed.
> Added a regression test to check the affected classes, i.e. AlgorithmParameterGenerator, KeyPairGenerator, Cipher, KeyAgreement, KeyGenerator.
>
> Thanks,
> Valerie
src/java.base/share/classes/sun/security/jca/JCAUtil.java line 62:
> 60: private static SecureRandom instance = new SecureRandom();
> 61: public static SecureRandom instance(boolean checkConfig) {
> 62: synchronized (CachedSecureRandomHolder.class) {
Is there a performance regression because of this synchronization?
-------------
PR: https://git.openjdk.java.net/jdk/pull/3018
More information about the security-dev
mailing list