Use SecureRandom instead of Random (#15459)

Make sure that SecureRandom is used whenever the random number
is used for cryptographic operations, e.g. as nonce/salt.

Signed-off-by: Holger Friedrich <mail@holger-friedrich.de>
Holger Friedrich
2023-08-20 21:29:37 +02:00
committed by GitHub
parent e86998000e
commit 95ac2eb80b
7 changed files with 14 additions and 7 deletions


@@ -14,6 +14,7 @@ package org.openhab.binding.ipcamera.internal;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Random;
import org.eclipse.jdt.annotation.NonNullByDefault;
@@ -117,7 +118,7 @@ public class MyNettyAuthHandler extends ChannelDuplexHandler {
// create the MD5 hashes
String ha1 = username + ":" + realm + ":" + password;
ha1 = calcMD5Hash(ha1);
Random random = new Random();
Random random = new SecureRandom();
String cnonce = Integer.toHexString(random.nextInt());
ncCounter = (ncCounter > 125) ? 1 : ++ncCounter;
String nc = String.format("%08X", ncCounter); // 8 digit hex number
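Review bot: The cnonce still carries at most 32 bits of randomness, because `Integer.toHexString(random.nextInt())` draws a single int from the new SecureRandom. The generator is no longer predictable, but the value space is small enough that repeated cnonces become plausible over many requests. A wider value would use the new source fully, for example `String cnonce = new BigInteger(128, random).toString(16);`, which needs `java.math.BigInteger` if the file does not already import it. The same single-int pattern appears in `createNonce()` in the OnvifConnection hunk (`"" + nonce.nextInt()`); whether its consumer accepts a longer value is not visible here. The enclosing method starts and ends outside this hunk.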


@@ -18,6 +18,7 @@ import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Base64;
@@ -478,7 +479,7 @@ public class OnvifConnection {
}
String createNonce() {
Random nonce = new Random();
Random nonce = new SecureRandom();
return "" + nonce.nextInt();
}
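Review bot: `createNonce()` constructs a fresh `SecureRandom` on every call and declares it as `java.util.Random`, so nothing in the declared type tells a later reader that the source must stay cryptographic. One shared instance in a field, `private static final SecureRandom SECURE_RANDOM = new SecureRandom();`, with `return "" + SECURE_RANDOM.nextInt();` here, avoids the repeated construction; SecureRandom is safe to share between threads. A short comment on the field such as `// nonce source must be a CSPRNG; do not replace with java.util.Random` would record the intent. The same declaration style is used for `Random random = new SecureRandom();` in the MyNettyAuthHandler hunk.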