RFR (XS) : 8042904: apple.security.KeychainStore.getSalt() calling generateSeed()

Seán Coffey Tue, 28 May 2019 07:46:13 -0700

https://bugs.openjdk.java.net/browse/JDK-8042904


Looking to correct this issue. SecureRandom.nextBytes looks like the method
which should be in use rather than generateSeed(int)

--- a/src/java.base/macosx/classes/apple/security/KeychainStore.java
+++ b/src/java.base/macosx/classes/apple/security/KeychainStore.java
@@ -1050,7 +1050,7 @@
         if (random == null) {
             random = new SecureRandom();
         }
-        salt = random.generateSeed(SALT_LEN);
+        random.nextBytes(salt);
         return salt;
     }

regards,
Sean.

RFR (XS) : 8042904: apple.security.KeychainStore.getSalt() calling generateSeed()

Reply via email to