RFR: 8357915: SecureRandom nextLong memory usage [v2]
Roger Riggs
rriggs at openjdk.org
Wed Jul 2 17:55:39 UTC 2025
On Mon, 30 Jun 2025 17:45:23 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> SecureRandom uses straightforward implementations inherited from Random but in the process does double the memory allocations necessary.
>> The delegation to SecureRandom.engineNextBytes does not provide `int` or `long` values, the caller must allocate a byte array and assemble the value itself.
>> So added an implementation in SecureRandom that call nextBytes(8 bytes) and then convert that to a long.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8357915: SecureRandom nextLong memory usage
The suggestion in the issue was to switch to RandomGenerator.nextLong() can you provide an explanation as to why that is not an acceptable solution. It would avoid any allocation. Thanks
-------------
PR Comment: https://git.openjdk.org/jdk/pull/26005#issuecomment-3021443543
More information about the security-dev
mailing list