[CRYPTO-96] OpenSSL Random implementation silently falls back to Java - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

The OpensslRandom class silently falls back to using the Java implementation if the native code is loaded but the nextRandBytes method fails.

This seems wrong as it can cause unexpected results and mask problems.

The corresponding OpensslCipher class does not fall back to JCE.

Attachments

Activity

People

Assignee:: Dapeng Sun

Reporter:: Sebb

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 30/Jun/16 13:22

Updated:: 07/Jul/16 07:00

Resolved:: 07/Jul/16 07:00