mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-22 12:02:05 +01:00
Introduce RandomUtil
and use it in EncryptedOpenPgpContentElement
This commit is contained in:
parent
927eb5e7d7
commit
14f288a763
3 changed files with 52 additions and 27 deletions
|
@ -0,0 +1,46 @@
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* Copyright 2003-2007 Jive Software, 2016-2019 Florian Schmaus.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.jivesoftware.smack.util;
|
||||||
|
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.util.Random;
|
||||||
|
|
||||||
|
public class RandomUtil {
|
||||||
|
|
||||||
|
static final ThreadLocal<SecureRandom> SECURE_RANDOM = new ThreadLocal<SecureRandom>() {
|
||||||
|
@Override
|
||||||
|
protected SecureRandom initialValue() {
|
||||||
|
return new SecureRandom();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Pseudo-random number generator object for use with randomString().
|
||||||
|
* The Random class is not considered to be cryptographically secure, so
|
||||||
|
* only use these random Strings for low to medium security applications.
|
||||||
|
*/
|
||||||
|
static final ThreadLocal<Random> RANDOM = new ThreadLocal<Random>() {
|
||||||
|
@Override
|
||||||
|
protected Random initialValue() {
|
||||||
|
return new Random();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
public static int nextSecureRandomInt(int bound) {
|
||||||
|
return SECURE_RANDOM.get().nextInt(bound);
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,6 +1,6 @@
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Copyright 2003-2007 Jive Software, 2016-2018 Florian Schmaus.
|
* Copyright 2003-2007 Jive Software, 2016-2019 Florian Schmaus.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -18,7 +18,6 @@
|
||||||
package org.jivesoftware.smack.util;
|
package org.jivesoftware.smack.util;
|
||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
import java.security.SecureRandom;
|
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
@ -253,18 +252,6 @@ public class StringUtils {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Pseudo-random number generator object for use with randomString().
|
|
||||||
* The Random class is not considered to be cryptographically secure, so
|
|
||||||
* only use these random Strings for low to medium security applications.
|
|
||||||
*/
|
|
||||||
private static final ThreadLocal<Random> randGen = new ThreadLocal<Random>() {
|
|
||||||
@Override
|
|
||||||
protected Random initialValue() {
|
|
||||||
return new Random();
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Array of numbers and letters of mixed case. Numbers appear in the list
|
* Array of numbers and letters of mixed case. Numbers appear in the list
|
||||||
* twice so that there is a more equal chance that a number will be picked.
|
* twice so that there is a more equal chance that a number will be picked.
|
||||||
|
@ -288,18 +275,11 @@ public class StringUtils {
|
||||||
* @return a random String of numbers and letters of the specified length.
|
* @return a random String of numbers and letters of the specified length.
|
||||||
*/
|
*/
|
||||||
public static String insecureRandomString(int length) {
|
public static String insecureRandomString(int length) {
|
||||||
return randomString(length, randGen.get());
|
return randomString(length, RandomUtil.RANDOM.get());
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final ThreadLocal<SecureRandom> SECURE_RANDOM = new ThreadLocal<SecureRandom>() {
|
|
||||||
@Override
|
|
||||||
protected SecureRandom initialValue() {
|
|
||||||
return new SecureRandom();
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
public static String randomString(final int length) {
|
public static String randomString(final int length) {
|
||||||
return randomString(length, SECURE_RANDOM.get());
|
return randomString(length, RandomUtil.SECURE_RANDOM.get());
|
||||||
}
|
}
|
||||||
|
|
||||||
public static String randomString(final int length, Random random) {
|
public static String randomString(final int length, Random random) {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Copyright 2017 Florian Schmaus, 2018 Paul Schaub.
|
* Copyright 2017-2019 Florian Schmaus, 2018 Paul Schaub.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -16,13 +16,13 @@
|
||||||
*/
|
*/
|
||||||
package org.jivesoftware.smackx.ox.element;
|
package org.jivesoftware.smackx.ox.element;
|
||||||
|
|
||||||
import java.security.SecureRandom;
|
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
import org.jivesoftware.smack.packet.ExtensionElement;
|
import org.jivesoftware.smack.packet.ExtensionElement;
|
||||||
import org.jivesoftware.smack.util.Objects;
|
import org.jivesoftware.smack.util.Objects;
|
||||||
|
import org.jivesoftware.smack.util.RandomUtil;
|
||||||
import org.jivesoftware.smack.util.StringUtils;
|
import org.jivesoftware.smack.util.StringUtils;
|
||||||
import org.jivesoftware.smack.util.XmlStringBuilder;
|
import org.jivesoftware.smack.util.XmlStringBuilder;
|
||||||
|
|
||||||
|
@ -53,8 +53,7 @@ public abstract class EncryptedOpenPgpContentElement extends OpenPgpContentEleme
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String createRandomPadding() {
|
private static String createRandomPadding() {
|
||||||
SecureRandom secRan = new SecureRandom();
|
int len = RandomUtil.nextSecureRandomInt(256);
|
||||||
int len = secRan.nextInt(256);
|
|
||||||
return StringUtils.randomString(len);
|
return StringUtils.randomString(len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue