Hello people,
I am kind of new to this kind of mailing list, so do not hesitate to
indicate to me if I have any inappropriate behavior (even if I hope it
should not be the case).
I recently came upon Java and Java security related aspects, mostly around
the SecurityManager and what orbits around.
Hi Xuelei,
Please find comments in line.
On 8/18/2020 10:13 PM, Xuelei Fan wrote:
On 8/18/2020 2:43 PM, Valerie Peng wrote:
Using a shared instance is surely faster. However, the API specified
that the most preferred SecureRandom impl will be used. To ensure
this for all scenarios, creating
I don't feel it's the right fix, but rather just a workaround...
A better workaround would be to switch to "JCAUtil.getSecureRandom()"
instead of JceSecurity.RANDOM. ;)
Valerie
On 8/19/2020 5:47 AM, Sean Mullan wrote:
In the bug report, the following fix was suggested:
"The fix to the issue
Looks fine Julia
On 8/18/20 1:02 PM, Julia Boes wrote:
Hi,
The two changes below still need to be reviewed. Any takers?
Cheers,
Julia
---
old/src/java.base/share/classes/java/lang/invoke/AbstractValidatingLambdaMetafactory.java2020-08-14
23:55:41.953638446 +0530
+++
new/src/java.base/sha
In the bug report, the following fix was suggested:
"The fix to the issue should be simple, just move the initialization of
the verificationResults Map BEFORE the SecureRandom initialization in
JceSecurity.java"
Does that not work for some reason?
--Sean
On 8/19/20 1:13 AM, Xuelei Fan wrote
