This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: RFA: libjava seems to miss some files for win32
2009/7/18 Dave Korn <dave.korn.cygwin@googlemail.com>:
> Kai Tietz wrote:
>
>> ? ? ? * gnu/java/security/jce/prng/natVMSecureRandomWin32.cc: Implementation
>> ? ? ? for native win32.
>>
>> Tested for x86 and x64 mingw targets. Ok for apply?
>
> + ?for (a = 0; a < length; a++, count++)
> + ? *bytes++= (jbyte) rand ();
>
> ?Surely not, the standard C library rand() function is completely unsuitable
> for security purposes. ?It should use the win32 crypto api to get real
> high-quality random data I think.
>
> ? ?cheers,
> ? ? ?DaveK
>
>
Yes, I agree to this as I said in the patch post. Can we assume that
any win32 target has a working wincrypt.h file?
I just suggested this patch, to have at least an implementation here
for win32 for further improvement (Btw I missed in my initial patch to
include explicit <stdlib.h> here, too).
I am just running through libjava for an initial port for x64 windows.
There are a lot of assumptions about sizeof (long) == sizeof (void*),
but the worse thing I see is the casting of HANDLE values to jint. For
x86 this is fine, but for x64 this can lead to serious troubles.
Cheers,
Kai
--
| (\_/) This is Bunny. Copy and paste
| (='.'=) Bunny into your signature to help
| (")_(") him gain world domination