Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8042904

apple.security.KeychainStore.getSalt() calling generateSeed()

XMLWordPrintable

        While looking at JDK-6491602, I did a search of the codebase to look for similar occurrences. This one came up.

        (src/java.base/macosx/classes/apple/security/KeychainStore.java)

            private byte[] getSalt()
            {
                // Generate a random salt.
                byte[] salt = new byte[SALT_LEN];
                if (random == null) {
                    random = new SecureRandom();
                }
                salt = random.generateSeed(SALT_LEN);
                return salt;
            }

        I think SecureRandom.nextBytes is more appropriate here and better for performance.

              coffeys Sean Coffey
              coffeys Sean Coffey
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: