[crac] RFR: Reseed secure random on checkpoint restore
Anton Kozlov
akozlov at openjdk.java.net
Fri Dec 24 08:52:44 UTC 2021
On Thu, 23 Dec 2021 16:09:01 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/provider/SecureRandom.java line 267:
>>
>>> 265: SeedGenerator.generateSeed(b);
>>> 266: seeder.engineSetSeed(b);
>>> 267: seeder.clearStateOnCheckpoint = true;
>>
>> This highlights that the `seeder` differs from any other SecureRandom. I would prefer `seeder` to be an object of a subclass of `SecureRandom`. This will also save us a field `isSeedGenerator` that is false for all except one object in the system.
>
> Unfortunately, the `sun.security.provider.SecureRandom` class is final. I think it was done intentionally for security reasons.
> `isSeedGenerator` can easily be replaced by a comparison with `SeederHolder.seeder`, but it'll eat time during restore.
Another option is to make `SeederHolder` the `Resource` that cleans up `seeder` on checkpoint and creates one on restore. I think `seeder.clearStateOnCheckpoint = true` won't be needed, as the next checkpoint will clear up the seeder again.
-------------
PR: https://git.openjdk.java.net/crac/pull/7
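The `Resource`-based approach suggested above, sketched as an added example that is not code from the PR or the CRaC project: a hypothetical `ReseedingRandomHolder` built on the public `jdk.crac` API (`Resource`, `Context`, `Core.getGlobalContext()`) and the public `java.security.SecureRandom` (the `SHA1PRNG` algorithm is the `sun.security.provider.SecureRandom` implementation discussed in the thread) standing in for the internal `SeederHolder`/`seeder`. The point it demonstrates is the one the PR fixes: generator state left in the checkpoint image would be replayed identically by every restored instance, so the generator is dropped before the checkpoint and freshly seeded after restore.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import jdk.crac.Context;
import jdk.crac.Core;
import jdk.crac.Resource;

/**
 * Hypothetical holder (example code, not part of the JDK) that owns a
 * SecureRandom and registers itself as a CRaC Resource: the generator is
 * discarded in beforeCheckpoint so no PRNG state lands in the image, and a
 * fresh, independently seeded generator is created in afterRestore.
 */
public final class ReseedingRandomHolder implements Resource {
    private volatile SecureRandom random;          // null while checkpointed

    public ReseedingRandomHolder() throws NoSuchAlgorithmException {
        random = newGenerator();
        Core.getGlobalContext().register(this);    // public CRaC registration
    }

    private static SecureRandom newGenerator() throws NoSuchAlgorithmException {
        // SHA1PRNG keeps its state in memory (sun.security.provider.SecureRandom),
        // which is exactly the state that must not survive a checkpoint.
        SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
        sr.nextBytes(new byte[1]); // force seeding now rather than lazily later
        return sr;
    }

    @Override
    public void beforeCheckpoint(Context<? extends Resource> context) {
        // Drop the generator so its internal state is not written to the image.
        random = null;
    }

    @Override
    public void afterRestore(Context<? extends Resource> context) throws Exception {
        // Each restored process seeds its own generator from the live OS source.
        random = newGenerator();
    }

    public void nextBytes(byte[] out) {
        SecureRandom sr = random;
        if (sr == null) {
            // Callers racing with the checkpoint get an error, never stale output.
            throw new IllegalStateException("SecureRandom unavailable during checkpoint");
        }
        sr.nextBytes(out);
    }
}
```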