[crac] RFR: Reseed secure random on checkpoint restore
Alexey Bakhtin
abakhtin at openjdk.java.net
Mon Dec 20 15:48:15 UTC 2021
Proposed changes in the SecureRandom implementation allow invalidating and reseeding SHA1PRNG secure random during checkpoint/restore. SHA1PRNG can be invalidated and reseeded in case of being created with a default embedded seed generator. Also, SHA1PRNG is used as an additional seed generator to the SUN NativePRNG implementation, so it is desirable to have reseeded SHA1PRNG after restore.
Two jtreg tests added:
- verify if no deadlocks introduced by checkpoint/restore
- verify if SHA1PRNG is reseeded if created with default embedded seed generator
-------------
Commit messages:
- Reseed secure random on checkpoint restore
Changes: https://git.openjdk.java.net/crac/pull/7/files
Webrev: https://webrevs.openjdk.java.net/?repo=crac&pr=7&range=00
Stats: 431 lines in 5 files changed: 381 ins; 11 del; 39 mod
Patch: https://git.openjdk.java.net/crac/pull/7.diff
Fetch: git fetch https://git.openjdk.java.net/crac pull/7/head:pull/7
PR: https://git.openjdk.java.net/crac/pull/7
More information about the crac-dev
mailing list