Code review request: 7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done (original) (raw)

Xuelei Fan xuelei.fan at oracle.com
Wed Feb 8 09:35:25 UTC 2012


Looks fine to me.

Interesting fix that making use of the class loading priorities.

Xuelei

On 2/8/2012 5:18 PM, Vincent Ryan wrote:

Please review the following change: http://cr.openjdk.java.net/~vinnie/7142339/webrev.00/

for http://bugs.sun.com/bugdatabase/viewbug.do?bugid=7142339 It employs lazy initialization to avoid the overhead of creating a secure random number generator in code that never uses signature timestamping. Thanks.



More information about the security-dev mailing list