
Commit 6c94186

committed
SecureRandom.getInstanceStrong() -> new SecureRandom()
1 parent 1884dc0 commit 6c94186

5 files changed

Lines changed: 16 additions & 19 deletions


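--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -19,7 +19,6 @@ o Wrong value calculated by Cologne Phonetic if a special character is placed be
 o ColognePhoneticTest.testIsEncodeEquals missing assertions Issue: CODEC-246. Thanks to Oscar Luis Vera Pérez.
 
 Changes:
-o Update from Java 6 to Java 7 Issue: CODEC-244.
 o Update from Java 7 to Java 8 Issue: CODEC-253.
 
 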
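--- a/pom.xml
+++ b/pom.xml
@@ -224,8 +224,8 @@ limitations under the License.
 </dependency>
 </dependencies>
 <properties>
-<maven.compiler.source>1.8</maven.compiler.source>
-<maven.compiler.target>1.8</maven.compiler.target>
+<maven.compiler.source>1.7</maven.compiler.source>
+<maven.compiler.target>1.7</maven.compiler.target>
 <commons.componentid>codec</commons.componentid>
 <commons.module.name>org.apache.commons.codec</commons.module.name>
 <commons.jira.id>CODEC</commons.jira.id>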
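Review bot: Lowering `maven.compiler.source` and `maven.compiler.target` to 1.7 disagrees with RELEASE-NOTES.txt as changed in this same commit, which still lists `o Update from Java 7 to Java 8 Issue: CODEC-253.` and removes the Java 6 to Java 7 entry instead. If the build level is meant to stay at 1.7, the release notes should keep the CODEC-244 line and drop the CODEC-253 one. The commit title names only the SecureRandom change, so the language-level change deserves its own line in the commit message.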

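--- a/src/main/java/org/apache/commons/codec/digest/B64.java
+++ b/src/main/java/org/apache/commons/codec/digest/B64.java
@@ -75,11 +75,7 @@ static void b64from24bit(final byte b2, final byte b1, final byte b0, final int
 * @return a random salt {@link String}.
 */
 static String getRandomSalt(final int num) {
-try {
-return getRandomSalt(num, SecureRandom.getInstanceStrong());
-} catch (NoSuchAlgorithmException e) {
-throw new IllegalStateException(e);
-}
+return getRandomSalt(num, new SecureRandom());
 }
 
 /**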
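Review bot: The Javadoc of `getRandomSalt(int)` visible in this hunk still says only `@return a random salt {@link String}.`, so a reader cannot tell which generator backs the salt or why the strong instance was replaced by `new SecureRandom()`, which is now constructed on every call. I would add a sentence such as `Uses the platform default {@link SecureRandom}; a salt must be unique and unpredictable but does not need a potentially blocking strong source.` The section's counts (1 addition, 5 deletions) are fully accounted for by this hunk, so if `NoSuchAlgorithmException` was imported only for the removed catch, that import is now unused and should be dropped. The Javadoc block begins above the hunk.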

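--- a/src/main/java/org/apache/commons/codec/digest/Md5Crypt.java
+++ b/src/main/java/org/apache/commons/codec/digest/Md5Crypt.java
@@ -65,8 +65,8 @@ public class Md5Crypt {
 /**
 * See {@link #apr1Crypt(byte[], String)} for details.
 * <p>
-* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
-* {@link SecureRandom} to generate your own salts and calling {@link #apr1Crypt(byte[], String)}.
+* A salt is generated for you using {@link SecureRandom}; your own {@link Random} in
+* {@link #apr1Crypt(byte[], Random)}.
 * </p>
 *
 * @param keyBytes plaintext string to hash.
@@ -98,8 +98,7 @@ public static String apr1Crypt(final byte[] keyBytes, final Random random) {
 /**
 * See {@link #apr1Crypt(String, String)} for details.
 * <p>
-* A salt is generated for you using {@link ThreadLocalRandom}; for more secure salts consider using
-* {@link SecureRandom} to generate your own salts.
+* A salt is generated for you using {@link SecureRandom}
 * </p>
 *
 * @param keyBytes
@@ -207,7 +206,8 @@ public static String md5Crypt(final byte[] keyBytes, final Random random) {
 /**
 * Generates a libc crypt() compatible "$1$" MD5 based hash value.
 * <p>
-* See {@link Crypt#crypt(String, String)} for details.
+* See {@link Crypt#crypt(String, String)} for details. We use {@link SecureRandom} for seed generation by
+* default.
 * </p>
 *
 * @param keyBytes
@@ -229,7 +229,8 @@ public static String md5Crypt(final byte[] keyBytes, final String salt) {
 /**
 * Generates a libc6 crypt() "$1$" or Apache htpasswd "$apr1$" hash value.
 * <p>
-* See {@link Crypt#crypt(String, String)} or {@link #apr1Crypt(String, String)} for details. We use
+* See {@link Crypt#crypt(String, String)} or {@link #apr1Crypt(String, String)} for details. We use
+* {@link SecureRandom by default}.
 * </p>
 *
 * @param keyBytes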
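Review bot: The Javadoc added in the last hunk writes `{@link SecureRandom by default}`, which turns "by default" into the link label instead of text following the link; it should read `{@link SecureRandom} by default.` In the first hunk the clause `your own {@link Random} in {@link #apr1Crypt(byte[], Random)}` has no verb (for example `to supply your own {@link Random}, call {@link #apr1Crypt(byte[], Random)}.`), and the sentence added in the second hunk is missing its final period. The third hunk says "seed generation" where the rest of the file's Javadoc talks about the salt. No code line in this file changes in the commit, so the SecureRandom claim appears to rest on the B64 change; it is worth confirming that every overload documented here actually reaches it.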

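--- a/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java
+++ b/src/main/java/org/apache/commons/codec/digest/Sha2Crypt.java
@@ -100,8 +100,8 @@ public static String sha256Crypt(final byte[] keyBytes) {
 * plaintext to hash
 * @param salt
 * real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for
-* you using {@link ThreadLocalRandom}; for more secure salts consider using {@link SecureRandom} to
-* generate your own salts.
+* you using {@link SecureRandom}. If one does not want to use {@link SecureRandom}, you can pass your
+* own {@link Random} in {@link #sha256Crypt(byte[], String, Random)}.
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 * if the salt does not match the allowed pattern
@@ -569,9 +569,10 @@ public static String sha512Crypt(final byte[] keyBytes) {
 * @param keyBytes
 * plaintext to hash
 * @param salt
-* real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated for
-* you using {@link ThreadLocalRandom}; for more secure salts consider using {@link SecureRandom} to
-* generate your own salts.
+* real salt value without prefix or "rounds=". The salt may be null, in which case a salt is generated
+* for you using {@link SecureRandom}; if you want to use a {@link Random} object other than
+* {@link SecureRandom} then we suggest you provide it using
+* {@link #sha512Crypt(byte[], String, Random)}.
 * @return complete hash value including salt
 * @throws IllegalArgumentException
 * if the salt does not match the allowed pattern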
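Review bot: The rewritten `@param salt` text in both hunks points callers to `sha256Crypt(byte[], String, Random)` and `sha512Crypt(byte[], String, Random)` without saying what the supplied `Random` has to provide, and the removed wording was the only place that contrasted weaker generators with `SecureRandom`. A caller who passes a plain `java.util.Random` gets salts that are predictable from the generator's state, so I would add a caveat such as `A non-cryptographic {@link Random} yields predictable salts and should be used only for reproducible tests.` The first hunk also switches from "one" to "you" within a single sentence. Both Javadoc blocks start and end outside the hunks.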
