United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-4917421 : SecureRandom spec should explicitly mention true random implementations

Details
Type:
Bug
Submit Date:
2003-09-04
Status:
Resolved
Updated Date:
2003-09-27
Project Name:
JDK
Resolved Date:
2003-09-27
Component:
security-libs
OS:
generic
Sub-Component:
java.security
CPU:
generic
Priority:
P4
Resolution:
Fixed
Affected Versions:
5.0
Fixed Versions:
5.0 (tiger)

Related Reports

Sub Tasks

Description
The spec of the SecureRandom class currently only talks about PRNG implementations. However, the implicit intent of the class is clearly to also allow for implementations where nextBytes() returns true random bytes, as may be possible in some hardware configurations. There are also PRNG implementations that continously reseed themselves as entropy becomes available, such as /dev/urandom available on some Unix versions.

The spec should be enhanced to explicitly mention such implementations.

                                    

Comments
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX:
tiger

FIXED IN:
tiger

INTEGRATED IN:
tiger
tiger-b22


                                     
2004-06-14
EVALUATION

CCC being filed.

###@###.### 2003-09-05
                                     
2003-09-05



Hardware and Software, Engineered to Work Together