PATCH: java.security improvements
Tom Tromey
tromey@redhat.com
Wed Feb 12 20:53:00 GMT 2003
>>>>> "Casey" == Casey Marshall <rsdio@metastatic.org> writes:
Casey> There is also a fix for a bias in the `next(int numBits)'
Casey> method of SecureRandom (filed as PR 9271).
This part is small enough to go in before the paperwork for the rest
is done. So I extracted it. I also rewrote a tiny piece of it. What
do you think of the appended?
I made two changes: we now compute the return mask more efficiently,
and also we take into account that `<<' has higher precedence than
`&'.
If you think this looks ok, I will check it in (to 3.3, 3.4, and
Classpath).
BTW, parts of the patch need reformatting to fit the classpath/libgcj
coding standard. Could you do that? That will make it easier to put
the patch in when the time comes.
Tom
Index: ChangeLog
from Casey Marshall <rsdio@metastatic.org>
PR libgcj/9271:
* java/security/SecureRandom.java (next): Avoid bias in results.
Index: java/security/SecureRandom.java
===================================================================
RCS file: /cvs/gcc/gcc/libjava/java/security/SecureRandom.java,v
retrieving revision 1.7
diff -u -r1.7 SecureRandom.java
--- java/security/SecureRandom.java 13 Dec 2002 14:21:07 -0000 1.7
+++ java/security/SecureRandom.java 12 Feb 2003 20:52:39 -0000
@@ -1,5 +1,5 @@
/* SecureRandom.java --- Secure Random class implmentation
- Copyright (C) 1999, 2001, 2002 Free Software Foundation, Inc.
+ Copyright (C) 1999, 2001, 2002, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -36,6 +36,7 @@
exception statement from your version. */
package java.security;
+
import java.io.Serializable;
import java.util.Random;
import java.util.Enumeration;
@@ -358,9 +359,10 @@
int ret = 0;
for (int i = 0; i < tmp.length; i++)
- ret |= tmp[i] << (8 * i);
+ ret |= (tmp[i] & 0xFF) << (8 * i);
- return ret;
+ long mask = (1L << numBits) - 1;
+ return (int) (ret & mask);
}
/**
More information about the Java-patches
mailing list