On Wed, 17 Mar 2021 20:40:16 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> To minimize the impact, I leave the JCAUtil.getSecureRandom() impl as is. I >> suppose this is more for JDK internal code which is not required to use the >> most preferred SecureRandom impl. There are quite a few callers to this >> method and I feel it's better to leave them out of this change. > >> To minimize the impact, I leave the JCAUtil.getSecureRandom() impl as is. I >> suppose this is more for JDK internal code which is not required to use the >> most preferred SecureRandom impl. There are quite a few callers to this >> method and I feel it's better to leave them out of this change. > > The internal use may be just to avoid to create new instances of > SecureRandom. Those use may need to use the latest updated secure random > provider as well, for example the use in DSA key pair generation > (DSAKeyPairGenerator.java). > > With this update, I think the performance impact should be minimal and we may > be able to have a uniform behavior no matter internal or external uses. Maybe. We can do that in a separate changeset... ------------- PR: https://git.openjdk.java.net/jdk/pull/3018
