Alon Bar-Lev has uploaded a new change for review. Change subject: core: ticket utils: use SecureRandom ......................................................................
core: ticket utils: use SecureRandom I had a glance at java implementation of basic Random, and it is bad for us to generate the salt. So I suggest to use SecureRandom instead. Change-Id: Idaaf8b9cc4c4afeb62d5ad5ba86fcb4878de09a8 Signed-off-by: Alon Bar-Lev <alo...@redhat.com>
--- M backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/TicketUtils.java 1 file changed, 3 insertions(+), 4 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/80/15280/1
diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/TicketUtils.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/TicketUtils.java
index 034e91b..98e2ed0 100644
--- a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/TicketUtils.java
+++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/TicketUtils.java
@@ -10,6 +10,7 @@
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.SecureRandom;
 import java.security.Signature;
 import java.security.SignatureException;
 import java.security.UnrecoverableKeyException;
@@ -19,7 +20,6 @@
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.Random;
 import java.util.TimeZone;
 import org.apache.commons.codec.binary.Base64;
@@ -29,9 +29,8 @@
 public class TicketUtils {
- PrivateKey key;
+ private PrivateKey key;
 private final int lifetime;
- protected Random random = new Random();
 /**
 * Creates a TicketUtils instance for
@@ -83,7 +82,7 @@
 * Add signed fields
 */
 byte[] random = new byte[8];
- this.random.nextBytes(random);
+ SecureRandom.getInstance("SHA1PRNG").nextBytes(random);
 map.put("salt", base64.encodeToString(random));
 SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss");
-- To view, visit http://gerrit.ovirt.org/15280 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Idaaf8b9cc4c4afeb62d5ad5ba86fcb4878de09a8 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
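Review bot: `SecureRandom.getInstance("SHA1PRNG")` on the added line constructs and self-seeds a new generator every time a ticket is built, and it pins the salt to one named algorithm instead of the platform's preferred one. A single shared instance is enough, since SecureRandom is safe for concurrent use: declare `private static final SecureRandom secureRandom = new SecureRandom();` on the class and call `secureRandom.nextBytes(random);` here. The no-argument constructor also removes the checked NoSuchAlgorithmException from this path; the enclosing method starts and ends outside the hunk, so whether it already declares that exception is not visible. The field needs a name other than `random`, because the local `byte[] random` would shadow it now that the `this.` qualifier is gone.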