RFR: 8308474: DSA does not reset SecureRandom when initSign is called again
Weijun Wang
weijun at openjdk.org
Wed Jun 7 21:17:50 UTC 2023
On Wed, 7 Jun 2023 20:55:55 GMT, Bernd <duke at openjdk.org> wrote:
>> It does - I'll change the test to not have this potential failure mode.
>
> I think it’s fine (just wanted to make sure i understood the problem correctly), especially with the fixed seed. You could just comment it with „with this seed the first two invocations produce different material“ or something like that?
Any random source should return different bytes when its `nextBytes` is called again. The major point here is when we see the same signature is generated, we can be sure the 2nd call to `initSign` does reinitiate the state of the random source inside to be exactly the same when the 1st `initSign` was called.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14273#discussion_r1222185021
More information about the security-dev
mailing list