RFR: 8357915: SecureRandom nextLong memory usage
ExE Boss
duke at openjdk.org
Mon Jun 30 05:32:26 UTC 2025
On Thu, 26 Jun 2025 18:00:21 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
> SecureRandom uses straightforward implementations inherited from Random but in the process does double the memory allocations necessary.
> The delegation to SecureRandom.engineNextBytes does not provide `int` or `long` values, the caller must allocate a byte array and assemble the value itself.
> So added an implementation in SecureRandom that call nextBytes(8 bytes) and then convert that to a long.
src/java.base/share/classes/java/security/SecureRandom.java line 842:
> 840:
> 841: @Override
> 842: public synchronized long nextLong() {
Does not need to be `synchronized`, as that’s handled by the `synchronized` block in `nextBytes(…)`:
Suggestion:
public long nextLong() {
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26005#discussion_r2173519227
More information about the security-dev
mailing list