Mercurial > hg > openjdk > jdk6 > jdk
changeset 1524:4142e4cb6de0
7142339: PKCS7.java is needlessly creating SHA1PRNG SecureRandom instances when timestamping is not done
Reviewed-by: xuelei, wetmore
| author | vinnie |
|---|---|
| date | Mon, 05 Dec 2016 06:18:53 +0000 |
| parents | e158d250b641 |
| children | e1a98017e4ea |
| files | src/share/classes/sun/security/pkcs/PKCS7.java |
| diffstat | 1 files changed, 14 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/pkcs/PKCS7.java Mon Dec 05 06:08:11 2016 +0000 +++ b/src/share/classes/sun/security/pkcs/PKCS7.java Mon Dec 05 06:18:53 2016 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -73,16 +73,19 @@ /* * Random number generator for creating nonce values + * (Lazy initialization) */ - private static final SecureRandom RANDOM; - static { - SecureRandom tmp = null; - try { - tmp = SecureRandom.getInstance("SHA1PRNG"); - } catch (NoSuchAlgorithmException e) { - // should not happen + private static class SecureRandomHolder { + static final SecureRandom RANDOM; + static { + SecureRandom tmp = null; + try { + tmp = SecureRandom.getInstance("SHA1PRNG"); + } catch (NoSuchAlgorithmException e) { + // should not happen + } + RANDOM = tmp; } - RANDOM = tmp; } /* @@ -844,8 +847,8 @@ // Generate a nonce BigInteger nonce = null; - if (RANDOM != null) { - nonce = new BigInteger(64, RANDOM); + if (SecureRandomHolder.RANDOM != null) { + nonce = new BigInteger(64, SecureRandomHolder.RANDOM); tsQuery.setNonce(nonce); } tsQuery.requestCertificate(true);