PATCH: java.security improvements

Tom Tromey tromey@redhat.com
Wed Feb 12 20:53:00 GMT 2003


>>>>> "Casey" == Casey Marshall <rsdio@metastatic.org> writes:

Casey> There is also a fix for a bias in the `next(int numBits)'
Casey> method of SecureRandom (filed as PR 9271).

This part is small enough to go in before the paperwork for the rest
is done.  So I extracted it.  I also rewrote a tiny piece of it.  What
do you think of the appended?

I made two changes: we now compute the return mask more efficiently,
and also we take into account that `<<' has higher precedence than
`&'.

If you think this looks ok, I will check it in (to 3.3, 3.4, and
Classpath).

BTW, parts of the patch need reformatting to fit the classpath/libgcj
coding standard.  Could you do that?  That will make it easier to put
the patch in when the time comes.

Tom


Index: ChangeLog
from  Casey Marshall  <rsdio@metastatic.org>

	PR libgcj/9271:
	* java/security/SecureRandom.java (next): Avoid bias in results.

Index: java/security/SecureRandom.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/security/SecureRandom.java,v
retrieving revision 1.7
diff -u -r1.7 SecureRandom.java
--- java/security/SecureRandom.java 13 Dec 2002 14:21:07 -0000 1.7
+++ java/security/SecureRandom.java 12 Feb 2003 20:52:39 -0000
@@ -1,5 +1,5 @@
 /* SecureRandom.java --- Secure Random class implmentation
-   Copyright (C) 1999, 2001, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2002, 2003 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -36,6 +36,7 @@
 exception statement from your version. */
 
 package java.security;
+
 import java.io.Serializable;
 import java.util.Random;
 import java.util.Enumeration;
@@ -358,9 +359,10 @@
     int ret = 0;
 
     for (int i = 0; i < tmp.length; i++)
-      ret |= tmp[i] << (8 * i);
+      ret |= (tmp[i] & 0xFF) << (8 * i);
 
-    return ret;
+    long mask = (1L << numBits) - 1;
+    return (int) (ret & mask);
   }
 
   /**
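Review bot: the added `long mask = (1L << numBits) - 1;` line is only correct when numBits is between 0 and 32, and nothing in this hunk checks or documents that range. A shift on a long uses only the low six bits of the count, so a negative or larger numBits would silently yield a different mask instead of failing; a one-line comment stating the assumed range, or an explicit guard, would make that visible. The `(tmp[i] & 0xFF)` change also deserves a short comment: assuming tmp is a byte array (its declaration is not shown here), each element is sign-extended when promoted to int, so without the mask a negative byte sets every higher bit of ret, which is the bias the ChangeLog entry refers to.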


