Use SecureRandom instead of Random (#15459)
Make sure that SecureRandom is used whenever the random number is used for cryptographic operations, e.g. as nonce/salt. Signed-off-by: Holger Friedrich <mail@holger-friedrich.de>
parent
e86998000e
commit
95ac2eb80b
|
@ -14,6 +14,7 @@ package org.openhab.binding.ipcamera.internal;
|
||||||
|
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
|
||||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||||
|
@ -117,7 +118,7 @@ public class MyNettyAuthHandler extends ChannelDuplexHandler {
|
||||||
// create the MD5 hashes
|
// create the MD5 hashes
|
||||||
String ha1 = username + ":" + realm + ":" + password;
|
String ha1 = username + ":" + realm + ":" + password;
|
||||||
ha1 = calcMD5Hash(ha1);
|
ha1 = calcMD5Hash(ha1);
|
||||||
Random random = new Random();
|
Random random = new SecureRandom();
|
||||||
String cnonce = Integer.toHexString(random.nextInt());
|
String cnonce = Integer.toHexString(random.nextInt());
|
||||||
ncCounter = (ncCounter > 125) ? 1 : ++ncCounter;
|
ncCounter = (ncCounter > 125) ? 1 : ++ncCounter;
|
||||||
String nc = String.format("%08X", ncCounter); // 8 digit hex number
|
String nc = String.format("%08X", ncCounter); // 8 digit hex number
|
||||||
|
|
|
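Review bot: The `cnonce` in the `MyNettyAuthHandler` hunk is still built from a single `random.nextInt()`, so it carries at most 32 bits of randomness even though the generator is now a `SecureRandom`; `OnvifConnection.createNonce()` has the same shape with `"" + nonce.nextInt()`. Drawing a byte array would keep the unpredictability this commit is after: `byte[] cnonceBytes = new byte[16];` followed by `random.nextBytes(cnonceBytes);`, hex-encoded into `cnonce`. The enclosing method starts and ends outside the hunk, so how the value is placed in the Digest header is not visible here.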
@ -18,6 +18,7 @@ import java.net.InetSocketAddress;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.text.SimpleDateFormat;
|
import java.text.SimpleDateFormat;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
|
@ -478,7 +479,7 @@ public class OnvifConnection {
|
||||||
}
|
}
|
||||||
|
|
||||||
String createNonce() {
|
String createNonce() {
|
||||||
Random nonce = new Random();
|
Random nonce = new SecureRandom();
|
||||||
return "" + nonce.nextInt();
|
return "" + nonce.nextInt();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
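Review bot: `Random nonce = new SecureRandom();` in `createNonce()` keeps the variable typed as `java.util.Random`, so nothing in the type stops a later edit from swapping the constructor back, and a fresh generator is built on every call. A shared, explicitly typed field states the requirement once: `private static final SecureRandom SECURE_RANDOM = new SecureRandom();`. The same declaration pattern appears in the `MyNettyAuthHandler`, `ThirdGenerationEncryptionHelper`, `CloudUtil`, `MillheatAccountHandler`, `Converter` and `Ethm1Module` hunks, where the remaining `import java.util.Random;` could probably be dropped as well.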
@ -17,6 +17,7 @@ import static org.openhab.binding.kostalinverter.internal.thirdgeneration.ThirdG
|
||||||
import java.security.InvalidKeyException;
|
import java.security.InvalidKeyException;
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.security.spec.InvalidKeySpecException;
|
import java.security.spec.InvalidKeySpecException;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
@ -105,7 +106,7 @@ final class ThirdGenerationEncryptionHelper {
|
||||||
* @return nonce
|
* @return nonce
|
||||||
*/
|
*/
|
||||||
static String createClientNonce() {
|
static String createClientNonce() {
|
||||||
Random generator = new Random();
|
Random generator = new SecureRandom();
|
||||||
|
|
||||||
// Randomize the random generator
|
// Randomize the random generator
|
||||||
byte[] randomizeArray = new byte[1024];
|
byte[] randomizeArray = new byte[1024];
|
||||||
|
|
|
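Review bot: The `// Randomize the random generator` step with its 1024-byte `randomizeArray` looks like a warm-up written for the old `java.util.Random` and is presumably redundant now that `generator` is a `SecureRandom`, which seeds itself from the platform entropy source. `createClientNonce()` continues past the end of the hunk, so what is done with the array is not visible. If it is only filled and discarded, I would remove it or at least update the comment, e.g. `// SecureRandom is self-seeding; no warm-up needed`.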
@ -24,6 +24,7 @@ import java.nio.charset.StandardCharsets;
|
||||||
import java.nio.file.Files;
|
import java.nio.file.Files;
|
||||||
import java.nio.file.Path;
|
import java.nio.file.Path;
|
||||||
import java.nio.file.Paths;
|
import java.nio.file.Paths;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -45,7 +46,7 @@ import org.slf4j.Logger;
|
||||||
@NonNullByDefault
|
@NonNullByDefault
|
||||||
public class CloudUtil {
|
public class CloudUtil {
|
||||||
|
|
||||||
private static final Random RANDOM = new Random();
|
private static final Random RANDOM = new SecureRandom();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Saves the Xiaomi cloud device info with tokens to file
|
* Saves the Xiaomi cloud device info with tokens to file
|
||||||
|
|
|
@ -15,6 +15,7 @@ package org.openhab.binding.millheat.internal.handler;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
@ -107,7 +108,7 @@ public class MillheatAccountHandler extends BaseBridgeHandler {
|
||||||
private @NonNullByDefault({}) MillheatAccountConfiguration config;
|
private @NonNullByDefault({}) MillheatAccountConfiguration config;
|
||||||
|
|
||||||
private static String getRandomString(final int sizeOfRandomString) {
|
private static String getRandomString(final int sizeOfRandomString) {
|
||||||
final Random random = new Random();
|
final Random random = new SecureRandom();
|
||||||
final StringBuilder sb = new StringBuilder(sizeOfRandomString);
|
final StringBuilder sb = new StringBuilder(sizeOfRandomString);
|
||||||
for (int i = 0; i < sizeOfRandomString; ++i) {
|
for (int i = 0; i < sizeOfRandomString; ++i) {
|
||||||
sb.append(ALLOWED_NONCE_CHARACTERS.charAt(random.nextInt(ALLOWED_NONCE_CHARACTERS_LENGTH)));
|
sb.append(ALLOWED_NONCE_CHARACTERS.charAt(random.nextInt(ALLOWED_NONCE_CHARACTERS_LENGTH)));
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
package org.openhab.binding.mybmw.internal.utils;
|
package org.openhab.binding.mybmw.internal.utils;
|
||||||
|
|
||||||
import java.lang.reflect.Type;
|
import java.lang.reflect.Type;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.text.SimpleDateFormat;
|
import java.text.SimpleDateFormat;
|
||||||
import java.time.LocalTime;
|
import java.time.LocalTime;
|
||||||
import java.time.ZoneId;
|
import java.time.ZoneId;
|
||||||
|
@ -251,7 +252,7 @@ public class Converter {
|
||||||
public static String getRandomString(int size) {
|
public static String getRandomString(int size) {
|
||||||
int leftLimit = 97; // letter 'a'
|
int leftLimit = 97; // letter 'a'
|
||||||
int rightLimit = 122; // letter 'z'
|
int rightLimit = 122; // letter 'z'
|
||||||
Random random = new Random();
|
Random random = new SecureRandom();
|
||||||
|
|
||||||
String generatedString = random.ints(leftLimit, rightLimit + 1).limit(size)
|
String generatedString = random.ints(leftLimit, rightLimit + 1).limit(size)
|
||||||
.collect(StringBuilder::new, StringBuilder::appendCodePoint, StringBuilder::append).toString();
|
.collect(StringBuilder::new, StringBuilder::appendCodePoint, StringBuilder::append).toString();
|
||||||
|
|
|
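Review bot: `getRandomString(int size)` is public and now security-relevant, but nothing documents that its output is limited to the 26 letters `a`–`z`, i.e. roughly 4.7 bits per character. I would add a Javadoc stating that the string is drawn from a `SecureRandom`, naming the alphabet, and telling callers that use it as a nonce or state value to choose `size` accordingly (about 28 characters for 128 bits). The method body continues outside the hunk.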
@ -20,6 +20,7 @@ import java.io.OutputStream;
|
||||||
import java.net.InetSocketAddress;
|
import java.net.InetSocketAddress;
|
||||||
import java.net.Socket;
|
import java.net.Socket;
|
||||||
import java.net.SocketTimeoutException;
|
import java.net.SocketTimeoutException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
|
||||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||||
|
@ -132,7 +133,7 @@ public class Ethm1Module extends SatelModule {
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new IOException("General encryption failure", e);
|
throw new IOException("General encryption failure", e);
|
||||||
}
|
}
|
||||||
this.rand = new Random();
|
this.rand = new SecureRandom();
|
||||||
this.idS = 0;
|
this.idS = 0;
|
||||||
this.idR = 0;
|
this.idR = 0;
|
||||||
this.rollingCounter = 0;
|
this.rollingCounter = 0;
|
||||||
|
|