RFR: 8357915: SecureRandom nextLong memory usage
Chen Liang
liach at openjdk.org
Mon Jun 30 05:32:27 UTC 2025
On Thu, 26 Jun 2025 18:00:21 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
> SecureRandom uses straightforward implementations inherited from Random but in the process does double the memory allocations necessary.
> The delegation to SecureRandom.engineNextBytes does not provide `int` or `long` values, the caller must allocate a byte array and assemble the value itself.
> So added an implementation in SecureRandom that call nextBytes(8 bytes) and then convert that to a long.
src/java.base/share/classes/java/security/SecureRandom.java line 859:
> 857: byte[] b = new byte[8];
> 858: nextBytes(b); // Calls engineNextBytes internally
> 859: return ((long)(b[0] & 0xff) << 56) |
You can use `ByteArray.getLong(b, 0)` instead. And I don't think we need to rewrite the API specification.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26005#discussion_r2169666613
More information about the security-dev
mailing list