Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8154523

SHA1PRNG output should change after setSeed

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 9
    • None
    • security-libs
    • b119
    • Verified

      Inside SHA1PRNG, random bytes are generated in 20-byte blocks that can be consumed by multiple nextXyz() calls. For example, one nextInt() uses the first 4 bytes, and the next nextInt() will use the next 4 bytes in the same block. And, if a setSeed() is called between them, the block is not thrown away and the 2nd nextInt() still returns the old data.

      This can be demonstrated by cloning a SHA1PRNG, call setSeed() on only one, and their nextInt() outputs the same value.

      This is a bug because after a setSeed() the output should be totally different.

            weijun Weijun Wang
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: