RFR: 8308474: DSA does not reset SecureRandom when initSign is called again
Bernd
duke at openjdk.org
Wed Jun 7 20:58:49 UTC 2023
On Wed, 7 Jun 2023 19:53:26 GMT, Ben Perez <duke at openjdk.org> wrote:
>> test/jdk/sun/security/provider/DSA/SecureRandomReset.java line 51:
>>
>>> 49:
>>> 50: // Re-initialize deterministic RNG and sign
>>> 51: s.initSign(sk, deterministic());
>>
>> Does this test depend on the fact that if the reset was missing it would ask the first deterministic RNG for a second random number which („by luck“) is different from the first number of a re-seeded second instance?
>
> It does - I'll change the test to not have this potential failure mode.
I think it’s fine (just wanted to make sure i understood the problem correctly), especially with the fixed seed. You could just comment it with „with this seed the first two invocations produce different material“ or something like that?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14273#discussion_r1222166568
More information about the security-dev
mailing list