Hi all,
In the OpenJDK source code of the BigInteger class, there is a static variable named staticRandom which stores a SecureRandom object:
private static volatile Random staticRandom;
private static Random getSecureRandom() {
if (staticRandom == null) {
staticRandom = new java.security.SecureRandom();
}
return staticRandom;
}
We got troubles if the provider associated with this SecureRandom instance is removed (Security.removeProvider), since this static variable is not refreshed.
Is that a Java bug ?