Mercurial > hg > release > icedtea6-1.10
view patches/security/20121016/7167656.patch @ 2593:6df81d93af9c
Add 2012/10/16 security updates.
2012-10-11 Andrew John Hughes <gnu.andrew@redhat.com>
* Makefile.am:
(SECURITY_PATCHES): Add new patches.
* patches/ecj/override.patch:
Add new cases in P11Key and RMIConnectionImpl
introduced by security patches.
* patches/ssl.patch:
Removed old unneeded patch which breaks with
this update.
* patches/security/20111018/7092186.patch:
Backport of patch added to OpenJDK6 by Oracle
as part of the last security update but not
included in the bundle delivered ahead of time.
* patches/security/20121016/6631398.patch,
* patches/security/20121016/7093490.patch,
* patches/security/20121016/7143535.patch,
* patches/security/20121016/7158801.patch,
* patches/security/20121016/7167656.patch,
* patches/security/20121016/7169884.patch,
* patches/security/20121016/7169888.patch,
* patches/security/20121016/7172522.patch,
* patches/security/20121016/7176337.patch,
* patches/security/20121016/7186286.patch,
* patches/security/20121016/7189103.patch,
* patches/security/20121016/7189490.patch,
* patches/security/20121016/7189567.patch,
* patches/security/20121016/7192975.patch,
* patches/security/20121016/7195194.patch,
* patches/security/20121016/7195917.patch,
* patches/security/20121016/7195919.patch,
* patches/security/20121016/7198296.patch,
* patches/security/20121016/7198606.patch,
* patches/security/20121016/hs20/7158800.patch,
* patches/security/20121016/hs20/7158804.patch,
* patches/security/20121016/original/7158800.patch,
* patches/security/20121016/original/7158804.patch:
New patches.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Fri, 12 Oct 2012 02:18:24 +0100 |
parents | |
children |
line wrap: on
line source
# HG changeset patch # User coffeys # Date 1340139680 -3600 # Node ID d04575148db287475168da344159e583f7bff02c # Parent 1e170e3c1b682d0f98a61a47e5049535c5bd4999 7167656: Multiple Seeders are being created Reviewed-by: wetmore diff --git a/src/share/classes/sun/security/provider/SecureRandom.java b/src/share/classes/sun/security/provider/SecureRandom.java --- openjdk/jdk/src/share/classes/sun/security/provider/SecureRandom.java +++ openjdk/jdk/src/share/classes/sun/security/provider/SecureRandom.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -56,12 +56,6 @@ private static final long serialVersionUID = 3581829991155417889L; - /** - * This static object will be seeded by SeedGenerator, and used - * to seed future instances of SecureRandom - */ - private static SecureRandom seeder; - private static final int DIGEST_SIZE = 20; private transient MessageDigest digest; private byte[] state; @@ -173,6 +167,28 @@ } /** + * This static object will be seeded by SeedGenerator, and used + * to seed future instances of SHA1PRNG SecureRandoms. + * + * Bloch, Effective Java Second Edition: Item 71 + */ + private static class SeederHolder { + + private static final SecureRandom seeder; + + static { + /* + * Call to SeedGenerator.generateSeed() to add additional + * seed material (likely from the Native implementation). + */ + seeder = new SecureRandom(SeedGenerator.getSystemEntropy()); + byte [] b = new byte[DIGEST_SIZE]; + SeedGenerator.generateSeed(b); + seeder.engineSetSeed(b); + } + } + + /** * Generates a user-specified number of random bytes. * * @param bytes the array to be filled in with random bytes. @@ -183,13 +199,8 @@ byte[] output = remainder; if (state == null) { - if (seeder == null) { - seeder = new SecureRandom(SeedGenerator.getSystemEntropy()); - seeder.engineSetSeed(engineGenerateSeed(DIGEST_SIZE)); - } - byte[] seed = new byte[DIGEST_SIZE]; - seeder.engineNextBytes(seed); + SeederHolder.seeder.engineNextBytes(seed); state = digest.digest(seed); }