RFR: 8260274: Cipher.init(int, key) does not use highest priority provider for random bytes [v2]

[Valerie Peng]

On Wed, 17 Mar 2021 20:40:16 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> To minimize the impact, I leave the JCAUtil.getSecureRandom() impl as is. I suppose this is more for JDK internal code which is not required to use the most preferred SecureRandom impl. There are quite a few callers to this method and I feel it's better to leave them out of this change.
>
>> To minimize the impact, I leave the JCAUtil.getSecureRandom() impl as is. I suppose this is more for JDK internal code which is not required to use the most preferred SecureRandom impl. There are quite a few callers to this method and I feel it's better to leave them out of this change.
> 
> The internal use may be just to avoid to create new instances of SecureRandom.   Those use may need to use the latest updated secure random provider as well, for example the use in DSA key pair generation (DSAKeyPairGenerator.java).
> 
> With this update, I think the performance impact should be minimal and we may be able to have a uniform behavior no matter internal or external uses.

Maybe. We can do that in a separate changeset...

-------------

PR: https://git.openjdk.java.net/jdk/pull/3018