Looks ok to me too, but it seems a shame to keep this SecureRandom
instance for a single test (AES_256) during cipher initialization. Once
the condition is test, and the result is added to the cache, the
SecureRandom instance is never used again.
Brad
On 2/15/2012 8:03 AM, Chris Hegarty wrote:
Looks fine to me, but I'm sure someone closer to the security area may
also want to review.
-Chris.
On 15/02/2012 15:45, Xuelei Fan wrote:
I believe I have replied the mail. But cannot find the mail in the mail
system. It's weird.
New webrev: http://cr.openjdk.java.net/~xuelei/7145837/webrev.01/.
Moved secureRandom into BulkCipher block.
Thanks,
Xuelei
On 2/15/2012 11:06 PM, Chris Hegarty wrote:
Just out of curiosity, why is secureRandom defined in the outer class
rather than privately in BulkCipher??
-Chris.
On 15/02/2012 14:21, Xuelei Fan wrote:
webrev: http://cr.openjdk.java.net/~xuelei/7145837/webrev/
To use only one instance of SecureRandom for dummy/useless CipherBox
initialization.
Thanks,
Xuelei
