On 05/22/2014 08:34 PM, Bernd Eckenfels wrote:
Hello,
by browsing the source code I run across the JCAUtil class. It is
(among other stuff) responsible for providing a SecureRandom singleton.
The code looks a bit strange.
First of all, it defines a LOCK object, but instead of using an
unreachab
And just a followup: it is interesting to note, that this Utility is
still used as default random source for Key Generators and DSA
Signatures. I would expect those need to refer to
SecureRandom.getInstanceStrong() instead? (the string instance getter
is nowhere used?)
Bernd
