RFR: 8357915: SecureRandom nextLong memory usage
Koushik Muthukrishnan Thirupattur
duke at openjdk.org
Mon Jun 30 05:32:27 UTC 2025
On Thu, 26 Jun 2025 18:16:28 GMT, Chen Liang <liach at openjdk.org> wrote:
>> SecureRandom uses straightforward implementations inherited from Random but in the process does double the memory allocations necessary.
>> The delegation to SecureRandom.engineNextBytes does not provide `int` or `long` values, the caller must allocate a byte array and assemble the value itself.
>> So added an implementation in SecureRandom that call nextBytes(8 bytes) and then convert that to a long.
>
> src/java.base/share/classes/java/security/SecureRandom.java line 859:
>
>> 857: byte[] b = new byte[8];
>> 858: nextBytes(b); // Calls engineNextBytes internally
>> 859: return ((long)(b[0] & 0xff) << 56) |
>
> You can use `ByteArray.getLong(b, 0)` instead. And I don't think we need to rewrite the API specification.
As per our discussion, I have made the changes.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26005#discussion_r2170263918
More information about the security-dev
mailing list