From 111d7e2bb3c4fbfed8b448633d3e8c1c6e5661db Mon Sep 17 00:00:00 2001 From: tkellner Date: Fri, 27 Jan 2012 15:26:49 +0000 Subject: Replace (important) instances of Random with SecureRandom git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1023 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java | 6 +++--- .../at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java | 4 ++-- smcc/src/main/java/at/gv/egiz/smcc/DNIeCryptoUtil.java | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java index 7744b166..bb81c94b 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java @@ -44,10 +44,10 @@ import java.security.GeneralSecurityException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.KeyStore; +import java.security.SecureRandom; import java.security.NoSuchAlgorithmException; import java.util.Calendar; import java.util.GregorianCalendar; -import java.util.Random; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -80,7 +80,7 @@ public class TLSServerCA { caKeyPair = generateKeyPair(); caCert = new X509Certificate(); - caCert.setSerialNumber(new BigInteger(20, new Random())); + caCert.setSerialNumber(new BigInteger(20, new SecureRandom())); caCert.setSubjectDN(subject); caCert.setPublicKey(caKeyPair.getPublic()); caCert.setIssuerDN(subject); @@ -116,7 +116,7 @@ public class TLSServerCA { serverKeyPair = generateKeyPair(); serverCert = new X509Certificate(); - serverCert.setSerialNumber(new BigInteger(20, new Random())); + serverCert.setSerialNumber(new BigInteger(20, new SecureRandom())); serverCert.setSubjectDN(subject); serverCert.setPublicKey(serverKeyPair.getPublic()); serverCert.setIssuerDN(caCert.getSubjectDN()); diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java index 81747490..6856ab1a 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java @@ -26,7 +26,7 @@ package at.gv.egiz.bku.slcommands.impl.xsect; import java.util.HashMap; import java.util.Map; -import java.util.Random; +import java.security.SecureRandom; /** * An implementation of the IdValueFactory. @@ -108,7 +108,7 @@ public class IdValueFactoryImpl implements IdValueFactory { */ public IdValueFactoryImpl() { - Random random = new Random(); + SecureRandom random = new SecureRandom(); int rand = random.nextInt(); seed = Integer.toHexString(rand); diff --git a/smcc/src/main/java/at/gv/egiz/smcc/DNIeCryptoUtil.java b/smcc/src/main/java/at/gv/egiz/smcc/DNIeCryptoUtil.java index c4e27d08..75095c10 100644 --- a/smcc/src/main/java/at/gv/egiz/smcc/DNIeCryptoUtil.java +++ b/smcc/src/main/java/at/gv/egiz/smcc/DNIeCryptoUtil.java @@ -32,6 +32,7 @@ import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; import java.security.MessageDigest; +import java.security.SecureRandom; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.cert.CertificateFactory; @@ -42,7 +43,6 @@ import java.security.spec.KeySpec; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPublicKeySpec; import java.util.Arrays; -import java.util.Random; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; @@ -122,7 +122,7 @@ public class DNIeCryptoUtil { for (int i = 0; i < length; i++) { - Random rand = new Random(); + SecureRandom rand = new SecureRandom(); byte current = (byte) rand.nextInt(255); result[i] = current; } -- cgit v1.2.3