Details
-
Type:
Bug
-
Status: Resolved
-
Priority:
P4
-
Resolution: Fixed
-
Affects Version/s: 8, 11, 13
-
Fix Version/s: 13
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Resolved In Build:b23
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8225820 | 14 | Sean Coffey | P4 | Resolved | Fixed | team |
Description
While looking at JDK-6491602, I did a search of the codebase to look for similar occurrences. This one came up.
(src/java.base/macosx/classes/apple/security/KeychainStore.java)
private byte[] getSalt()
{
// Generate a random salt.
byte[] salt = new byte[SALT_LEN];
if (random == null) {
random = new SecureRandom();
}
salt = random.generateSeed(SALT_LEN);
return salt;
}
I think SecureRandom.nextBytes is more appropriate here and better for performance.
(src/java.base/macosx/classes/apple/security/KeychainStore.java)
private byte[] getSalt()
{
// Generate a random salt.
byte[] salt = new byte[SALT_LEN];
if (random == null) {
random = new SecureRandom();
}
salt = random.generateSeed(SALT_LEN);
return salt;
}
I think SecureRandom.nextBytes is more appropriate here and better for performance.
Attachments
Issue Links
- backported by
-
JDK-8225820 apple.security.KeychainStore.getSalt() calling generateSeed()
-
- Resolved
-
- relates to
-
JDK-6491602 PKCS12 KeyStore should not call secureRandom.generateSeed()
-
- Closed
-