Skip to content

Commit

Permalink
use new SecureRandom which uses non blocking /dev/urandom
Browse files Browse the repository at this point in the history
  • Loading branch information
atomfrede committed Sep 13, 2019
1 parent b22fb1d commit 88448b8
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 28 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ public class PersistentTokenRememberMeServices extends
log.debug("Refreshing persistent login token for user '{}', series '{}'", login, token.getSeries());<% if (databaseType === 'sql' || databaseType === 'mongodb' || databaseType === 'couchbase') { %>
token.setTokenDate(LocalDate.now());<%}%><% if (databaseType === 'cassandra') { %>
token.setTokenDate(new Date());<%}%>
token.setTokenValue(RandomUtil.getInstance().generateTokenData());
token.setTokenValue(RandomUtil.generateTokenData());
token.setIpAddress(request.getRemoteAddr());
token.setUserAgent(request.getHeader("User-Agent"));
try {
Expand Down Expand Up @@ -156,11 +156,11 @@ public class PersistentTokenRememberMeServices extends
log.debug("Creating new persistent login for user {}", login);
PersistentToken token = userRepository.findOneByLogin(login).map(u -> {
PersistentToken t = new PersistentToken();
t.setSeries(RandomUtil.getInstance().generateSeriesData());<% if (databaseType === 'sql' || databaseType === 'mongodb') { %>
t.setSeries(RandomUtil.generateSeriesData());<% if (databaseType === 'sql' || databaseType === 'mongodb') { %>
t.setUser(u);<% } else { %>
t.setLogin(login);<% } %><% if (databaseType === 'cassandra') { %>
t.setUserId(u.getId());<% } %>
t.setTokenValue(RandomUtil.getInstance().generateTokenData());
t.setTokenValue(RandomUtil.generateTokenData());
t.setTokenDate(<% if (databaseType === 'cassandra') { %>new Date()<% } else { %>LocalDate.now()<% } %>);
t.setIpAddress(request.getRemoteAddr());
t.setUserAgent(request.getHeader("User-Agent"));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -202,7 +202,7 @@ public class UserService {
return userRepository.findOneByEmailIgnoreCase(mail)
.filter(<%= asEntity('User') %>::getActivated)
.<% if (reactive) { %>flatMap<% } else { %>map<% } %>(user -> {
user.setResetKey(RandomUtil.getInstance().generateResetKey());
user.setResetKey(RandomUtil.generateResetKey());
user.setResetDate(Instant.now());
<%_ if (!reactive) { _%>
<%_ if (databaseType === 'mongodb' || databaseType === 'couchbase' || databaseType === 'cassandra') { _%>
Expand Down Expand Up @@ -252,7 +252,7 @@ public class UserService {
// new user is not active
newUser.setActivated(false);
// new user gets registration key
newUser.setActivationKey(RandomUtil.getInstance().generateActivationKey());
newUser.setActivationKey(RandomUtil.generateActivationKey());
<%_ if (['sql', 'mongodb'].includes(databaseType)) { _%>
Set<Authority> authorities = new HashSet<>();
authorityRepository.findById(AuthoritiesConstants.USER).ifPresent(authorities::add);
Expand Down Expand Up @@ -310,7 +310,7 @@ public class UserService {
// new user is not active
newUser.setActivated(false);
// new user gets registration key
newUser.setActivationKey(RandomUtil.getInstance().generateActivationKey());
newUser.setActivationKey(RandomUtil.generateActivationKey());
Set<<% if (['sql', 'mongodb'].includes(databaseType)) { %>Authority<% } else { %>String<% } %>> authorities = new HashSet<>();
<%_ if (['sql', 'mongodb'].includes(databaseType)) { _%>
return authorityRepository.findById(AuthoritiesConstants.USER)
Expand Down Expand Up @@ -362,9 +362,9 @@ public class UserService {
} else {
user.setLangKey(userDTO.getLangKey());
}
String encryptedPassword = passwordEncoder.encode(RandomUtil.getInstance().generatePassword());
String encryptedPassword = passwordEncoder.encode(RandomUtil.generatePassword());
user.setPassword(encryptedPassword);
user.setResetKey(RandomUtil.getInstance().generateResetKey());
user.setResetKey(RandomUtil.generateResetKey());
user.setResetDate(Instant.now());
user.setActivated(true);
<%_ if (!reactive) { _%>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,23 +30,12 @@ public final class RandomUtil {

private static final int DEF_COUNT = 20;

private static final RandomUtil INSTANCE = new RandomUtil();

public static RandomUtil getInstance() {
return INSTANCE;
}

private final SecureRandom secureRandom;
private static final SecureRandom secureRandom = new SecureRandom(new SecureRandom().generateSeed(128));

private RandomUtil() {
try {
secureRandom = SecureRandom.getInstanceStrong();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("Unable to find secure algorithms.", e); //NOSONAR
}
}

private String generateRandomAlphanumericString() {
private static String generateRandomAlphanumericString() {
return RandomStringUtils.random(DEF_COUNT, 0, 0, true, true, null, secureRandom);
}

Expand All @@ -55,7 +44,7 @@ public final class RandomUtil {
*
* @return the generated password.
*/
public String generatePassword() {
public static String generatePassword() {
return generateRandomAlphanumericString();
}

Expand All @@ -64,7 +53,7 @@ public final class RandomUtil {
*
* @return the generated activation key.
*/
public String generateActivationKey() {
public static String generateActivationKey() {
return generateRandomAlphanumericString();
}

Expand All @@ -73,7 +62,7 @@ public final class RandomUtil {
*
* @return the generated reset key.
*/
public String generateResetKey() {
public static String generateResetKey() {
return generateRandomAlphanumericString();
}
<%_ if (authenticationType === 'session' && !reactive) { _%>
Expand All @@ -84,7 +73,7 @@ public final class RandomUtil {
*
* @return the generated series data.
*/
public String generateSeriesData() {
public static String generateSeriesData() {
return generateRandomAlphanumericString();
}

Expand All @@ -93,7 +82,7 @@ public final class RandomUtil {
*
* @return the generated token data.
*/
public String generateTokenData() {
public static String generateTokenData() {
return generateRandomAlphanumericString();
}
<%_ } _%>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -295,7 +295,7 @@ public class UserServiceIT <% if (databaseType === 'cassandra') { %>extends Abst
<%_ } _%>
public void assertThatResetKeyMustNotBeOlderThan24Hours() {
Instant daysAgo = Instant.now().minus(25, ChronoUnit.HOURS);
String resetKey = RandomUtil.getInstance().generateResetKey();
String resetKey = RandomUtil.generateResetKey();
user.setActivated(true);
user.setResetDate(daysAgo);
user.setResetKey(resetKey);
Expand Down Expand Up @@ -329,7 +329,7 @@ public class UserServiceIT <% if (databaseType === 'cassandra') { %>extends Abst
public void assertThatUserCanResetPassword() {
String oldPassword = user.getPassword();
Instant daysAgo = Instant.now().minus(2, ChronoUnit.HOURS);
String resetKey = RandomUtil.getInstance().generateResetKey();
String resetKey = RandomUtil.generateResetKey();
user.setActivated(true);
user.setResetDate(daysAgo);
user.setResetKey(resetKey);
Expand Down

0 comments on commit 88448b8

Please sign in to comment.