You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@commons.apache.org by tv...@apache.org on 2021/12/31 10:04:10 UTC

[commons-jcs] 02/02: Add paragraph about SecureRandom

This is an automated email from the ASF dual-hosted git repository.

tv pushed a commit to branch release-3.1
in repository https://gitbox.apache.org/repos/asf/commons-jcs.git

commit ee1ef74bff04c46a11b27a0a5a6812462f6373f0
Author: Thomas Vandahl <tv...@apache.org>
AuthorDate: Fri Dec 31 11:03:51 2021 +0100

    Add paragraph about SecureRandom
---
 xdocs/ElementSerializers.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/xdocs/ElementSerializers.xml b/xdocs/ElementSerializers.xml
index 1b14d66..f1ec41e 100644
--- a/xdocs/ElementSerializers.xml
+++ b/xdocs/ElementSerializers.xml
@@ -83,6 +83,12 @@ jcs.auxiliary.blockDiskCache2.serializer.attributes.preSharedKey=my_secret
 jcs.auxiliary.blockDiskCache2.serializer.attributes.aesCipherTransformation=AES/GCM/NoPadding
                 ]]>
             </source>
+
+            <p> The encryption code uses the default constructor of SecureRandom() to create
+                a random number generator. Depending on your security requirements, you should
+                configure a SecureRandom that works for your environment, giving preference to 
+                the ones with good randomness (given that your environment generates entropy fast 
+                enough, we saw problems with Linux).</p>
         </section>
 	</body>
 </document>
\ No newline at end of file