[crac] RFR: Reseed NativePRNG on checkpoint restore
Michael Bien
duke at openjdk.java.net
Fri Dec 24 06:40:43 UTC 2021
On Thu, 23 Dec 2021 11:30:13 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> NativePRNG should be re-seeded during checkpoint/restore because it uses SHA1PRNG secure random for additional seed. It is seeded at initialization, so it is not re-seeded automatically during checkpoint/restore
> Also, the internal buffer should be cleared at the checkpoint.
src/java.base/unix/classes/sun/security/provider/NativePRNG.java line 595:
> 593: for(int i=0; i<nextBuffer.length; i++) {
> 594: nextBuffer[i] = 0;
> 595: }
could use Arrays.fill
-------------
PR: https://git.openjdk.java.net/crac/pull/9
More information about the crac-dev
mailing list