RFR: 8308474: DSA does not reset SecureRandom when initSign is called again
Ben Perez
duke at openjdk.org
Wed Jun 7 19:56:49 UTC 2023
On Wed, 7 Jun 2023 07:00:45 GMT, Bernd <duke at openjdk.org> wrote:
>> Fixed `engineInitSign` in `DSA.java` and added `SecureRandomReset.java` to DSA tests
>
> test/jdk/sun/security/provider/DSA/SecureRandomReset.java line 51:
>
>> 49:
>> 50: // Re-initialize deterministic RNG and sign
>> 51: s.initSign(sk, deterministic());
>
> Does this test depend on the fact that if the reset was missing it would ask the first deterministic RNG for a second random number which („by luck“) is different from the first number of a re-seeded second instance?
It does - I'll change the test to not have this potential failure mode.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14273#discussion_r1222088990
More information about the security-dev
mailing list