Kai Tietz wrote: > * gnu/java/security/jce/prng/natVMSecureRandomWin32.cc: Implementation > for native win32. > > Tested for x86 and x64 mingw targets. Ok for apply?
+ for (a = 0; a < length; a++, count++)
+ *bytes++= (jbyte) rand ();
Surely not, the standard C library rand() function is completely unsuitable
for security purposes. It should use the win32 crypto api to get real
high-quality random data I think.
cheers,
DaveK
