-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P2
-
Affects Version/s: 6
-
Component/s: security-libs
-
beta
-
generic
-
generic
The spec for the SecureRandom constructors used to say:
/**
* <p>By using this constructor, the caller obtains a SecureRandom object
* containing the implementation from the highest-priority installed
* provider that has a SecureRandom implementation.
*
but 6256153 changed it to
/**
* Constructs a SecureRandom object that implements the "SHA1PRNG"
* Random Number Generator (RNG) algorithm.
*
...
This is inconsistent with the implementation on Solaris/Linux, which returns a SecureRandom of type "NativePRNG" or "PKCS11" by default since Tiger. The spec should be reverted to the old version (with improved wording).
/**
* <p>By using this constructor, the caller obtains a SecureRandom object
* containing the implementation from the highest-priority installed
* provider that has a SecureRandom implementation.
*
but 6256153 changed it to
/**
* Constructs a SecureRandom object that implements the "SHA1PRNG"
* Random Number Generator (RNG) algorithm.
*
...
This is inconsistent with the implementation on Solaris/Linux, which returns a SecureRandom of type "NativePRNG" or "PKCS11" by default since Tiger. The spec should be reverted to the old version (with improved wording).
- relates to
-
-
- Resolved
-