You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2021/02/15 13:11:41 UTC
[camel] branch master updated: CAMEL-16193 - Use SecureRandom
instead of Random - Core
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/master by this push:
new 60e5f55 CAMEL-16193 - Use SecureRandom instead of Random - Core
60e5f55 is described below
commit 60e5f55277d8ec06457cf0c1909347e30571ddd5
Author: Andrea Cosentino <an...@gmail.com>
AuthorDate: Mon Feb 15 14:11:00 2021 +0100
CAMEL-16193 - Use SecureRandom instead of Random - Core
---
.../java/org/apache/camel/language/csimple/CSimpleHelper.java | 4 ++--
.../apache/camel/language/simple/SimpleExpressionBuilder.java | 6 +++---
.../apache/camel/processor/errorhandler/RedeliveryPolicy.java | 10 +++++-----
.../java/org/apache/camel/cluster/ClusterServiceViewTest.java | 6 +++---
.../camel/component/file/FileProducerMoveExistingTest.java | 4 ++--
.../camel/component/file/stress/FileAsyncStressManually.java | 4 ++--
.../file/stress/FileAsyncStressReadLockLockFileTest.java | 4 ++--
.../component/file/stress/FileAsyncStressReadLockNoneTest.java | 4 ++--
.../file/stress/FileAsyncStressReadLockRenameTest.java | 4 ++--
.../camel/component/file/stress/FileAsyncStressTest.java | 4 ++--
.../org/apache/camel/processor/PipelineConcurrentTest.java | 4 ++--
.../apache/camel/processor/SplitterParallelAggregateTest.java | 4 ++--
.../java/org/apache/camel/processor/StreamResequencerTest.java | 6 +++---
.../camel/processor/resequencer/ResequencerEngineTest.java | 4 ++--
.../camel/management/ManagedTypeConverterRegistryTest.java | 2 +-
15 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/core/camel-core-languages/src/main/java/org/apache/camel/language/csimple/CSimpleHelper.java b/core/camel-core-languages/src/main/java/org/apache/camel/language/csimple/CSimpleHelper.java
index 68fa57a..3ff2202 100644
--- a/core/camel-core-languages/src/main/java/org/apache/camel/language/csimple/CSimpleHelper.java
+++ b/core/camel-core-languages/src/main/java/org/apache/camel/language/csimple/CSimpleHelper.java
@@ -19,13 +19,13 @@ package org.apache.camel.language.csimple;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.lang.reflect.Array;
+import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Random;
import java.util.Set;
import java.util.TimeZone;
import java.util.regex.Matcher;
@@ -465,7 +465,7 @@ public final class CSimpleHelper {
public static int random(Exchange exchange, Object min, Object max) {
int num1 = exchange.getContext().getTypeConverter().tryConvertTo(int.class, exchange, min);
int num2 = exchange.getContext().getTypeConverter().tryConvertTo(int.class, exchange, max);
- Random random = new Random();
+ SecureRandom random = new SecureRandom();
return random.nextInt(num2 - num1) + num1;
}
diff --git a/core/camel-core-languages/src/main/java/org/apache/camel/language/simple/SimpleExpressionBuilder.java b/core/camel-core-languages/src/main/java/org/apache/camel/language/simple/SimpleExpressionBuilder.java
index a081852..5f90fd9 100644
--- a/core/camel-core-languages/src/main/java/org/apache/camel/language/simple/SimpleExpressionBuilder.java
+++ b/core/camel-core-languages/src/main/java/org/apache/camel/language/simple/SimpleExpressionBuilder.java
@@ -16,12 +16,12 @@
*/
package org.apache.camel.language.simple;
+import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
-import java.util.Random;
import java.util.Set;
import java.util.TimeZone;
import java.util.concurrent.atomic.AtomicReference;
@@ -190,7 +190,7 @@ public final class SimpleExpressionBuilder {
public Object evaluate(Exchange exchange) {
int num1 = exp1.evaluate(exchange, Integer.class);
int num2 = exp2.evaluate(exchange, Integer.class);
- Random random = new Random();
+ SecureRandom random = new SecureRandom();
int randomNum = random.nextInt(num2 - num1) + num1;
return randomNum;
}
@@ -223,7 +223,7 @@ public final class SimpleExpressionBuilder {
public static Expression randomExpression(final int min, final int max) {
return new ExpressionAdapter() {
public Object evaluate(Exchange exchange) {
- Random random = new Random();
+ SecureRandom random = new SecureRandom();
int randomNum = random.nextInt(max - min) + min;
return randomNum;
}
diff --git a/core/camel-core-processor/src/main/java/org/apache/camel/processor/errorhandler/RedeliveryPolicy.java b/core/camel-core-processor/src/main/java/org/apache/camel/processor/errorhandler/RedeliveryPolicy.java
index fd41bd0..c5f5b13 100644
--- a/core/camel-core-processor/src/main/java/org/apache/camel/processor/errorhandler/RedeliveryPolicy.java
+++ b/core/camel-core-processor/src/main/java/org/apache/camel/processor/errorhandler/RedeliveryPolicy.java
@@ -17,7 +17,7 @@
package org.apache.camel.processor.errorhandler;
import java.io.Serializable;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.Exchange;
import org.apache.camel.LoggingLevel;
@@ -82,7 +82,7 @@ public class RedeliveryPolicy implements Cloneable, Serializable {
// default policy using out of the box settings which can be shared
public static final RedeliveryPolicy DEFAULT_POLICY = new RedeliveryPolicy();
- protected static Random randomNumberGenerator;
+ protected static SecureRandom randomNumberGenerator;
private static final long serialVersionUID = -338222777701473252L;
private static final Logger LOG = LoggerFactory.getLogger(RedeliveryPolicy.class);
@@ -231,7 +231,7 @@ public class RedeliveryPolicy implements Cloneable, Serializable {
* First random determines +/-, second random determines how far to
* go in that direction. -cgs
*/
- Random random = getRandomNumberGenerator();
+ SecureRandom random = getRandomNumberGenerator();
double variance = (random.nextBoolean() ? collisionAvoidanceFactor : -collisionAvoidanceFactor)
* random.nextDouble();
redeliveryDelayResult += redeliveryDelayResult * variance;
@@ -561,9 +561,9 @@ public class RedeliveryPolicy implements Cloneable, Serializable {
this.useExponentialBackOff = useExponentialBackOff;
}
- protected static synchronized Random getRandomNumberGenerator() {
+ protected static synchronized SecureRandom getRandomNumberGenerator() {
if (randomNumberGenerator == null) {
- randomNumberGenerator = new Random();
+ randomNumberGenerator = new SecureRandom();
}
return randomNumberGenerator;
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/cluster/ClusterServiceViewTest.java b/core/camel-core/src/test/java/org/apache/camel/cluster/ClusterServiceViewTest.java
index fc65afd..31f31d3 100644
--- a/core/camel-core/src/test/java/org/apache/camel/cluster/ClusterServiceViewTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/cluster/ClusterServiceViewTest.java
@@ -16,11 +16,11 @@
*/
package org.apache.camel.cluster;
+import java.security.SecureRandom;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
-import java.util.Random;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
@@ -125,7 +125,7 @@ public class ClusterServiceViewTest {
public void testMultipleViewListeners() throws Exception {
final TestClusterService service = new TestClusterService(UUID.randomUUID().toString());
final TestClusterView view = service.getView("ns1").unwrap(TestClusterView.class);
- final int events = 1 + new Random().nextInt(10);
+ final int events = 1 + new SecureRandom().nextInt(10);
final Set<Integer> results = new HashSet<>();
final CountDownLatch latch = new CountDownLatch(events);
@@ -146,7 +146,7 @@ public class ClusterServiceViewTest {
public void testLateViewListeners() throws Exception {
final TestClusterService service = new TestClusterService(UUID.randomUUID().toString());
final TestClusterView view = service.getView("ns1").unwrap(TestClusterView.class);
- final int events = 1 + new Random().nextInt(10);
+ final int events = 1 + new SecureRandom().nextInt(10);
final Set<Integer> results = new HashSet<>();
final CountDownLatch latch = new CountDownLatch(events * 2);
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/FileProducerMoveExistingTest.java b/core/camel-core/src/test/java/org/apache/camel/component/file/FileProducerMoveExistingTest.java
index bd092720..80edd2a 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/FileProducerMoveExistingTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/FileProducerMoveExistingTest.java
@@ -17,9 +17,9 @@
package org.apache.camel.component.file;
import java.io.File;
+import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.Date;
-import java.util.Random;
import org.apache.camel.CamelExecutionException;
import org.apache.camel.ContextTestSupport;
@@ -322,7 +322,7 @@ public class FileProducerMoveExistingTest extends ContextTestSupport {
private String generateRandomString(int targetStringLength) {
int leftLimit = 97; // letter 'a'
int rightLimit = 122; // letter 'z'
- Random random = new Random();
+ SecureRandom random = new SecureRandom();
StringBuilder buffer = new StringBuilder(targetStringLength);
for (int i = 0; i < targetStringLength; i++) {
int randomLimitedInt = leftLimit + (int) (random.nextFloat() * (rightLimit - leftLimit + 1));
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressManually.java b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressManually.java
index a91b869..83bdbf8 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressManually.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressManually.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.component.file.stress;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.ContextTestSupport;
import org.apache.camel.Exchange;
@@ -52,7 +52,7 @@ public class FileAsyncStressManually extends ContextTestSupport {
.process(new Processor() {
public void process(Exchange exchange) throws Exception {
// simulate some work with random time to complete
- Random ran = new Random();
+ SecureRandom ran = new SecureRandom();
int delay = ran.nextInt(500) + 10;
Thread.sleep(delay);
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockLockFileTest.java b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockLockFileTest.java
index c12fa13..07fead0 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockLockFileTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockLockFileTest.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.component.file.stress;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
@@ -39,7 +39,7 @@ public class FileAsyncStressReadLockLockFileTest extends FileAsyncStressTest {
.threads(10).process(new Processor() {
public void process(Exchange exchange) throws Exception {
// simulate some work with random time to complete
- Random ran = new Random();
+ SecureRandom ran = new SecureRandom();
int delay = ran.nextInt(250) + 10;
Thread.sleep(delay);
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockNoneTest.java b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockNoneTest.java
index 0244298..24d2732 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockNoneTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockNoneTest.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.component.file.stress;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
@@ -39,7 +39,7 @@ public class FileAsyncStressReadLockNoneTest extends FileAsyncStressTest {
.threads(10).process(new Processor() {
public void process(Exchange exchange) throws Exception {
// simulate some work with random time to complete
- Random ran = new Random();
+ SecureRandom ran = new SecureRandom();
int delay = ran.nextInt(250) + 10;
Thread.sleep(delay);
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockRenameTest.java b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockRenameTest.java
index 8180d73..cd50b8c 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockRenameTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressReadLockRenameTest.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.component.file.stress;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
@@ -39,7 +39,7 @@ public class FileAsyncStressReadLockRenameTest extends FileAsyncStressTest {
.threads(10).process(new Processor() {
public void process(Exchange exchange) throws Exception {
// simulate some work with random time to complete
- Random ran = new Random();
+ SecureRandom ran = new SecureRandom();
int delay = ran.nextInt(250) + 10;
Thread.sleep(delay);
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressTest.java b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressTest.java
index c9ebd47..a6abd88 100644
--- a/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/component/file/stress/FileAsyncStressTest.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.component.file.stress;
-import java.util.Random;
+import java.security.SecureRandom;
import org.apache.camel.ContextTestSupport;
import org.apache.camel.Exchange;
@@ -77,7 +77,7 @@ public class FileAsyncStressTest extends ContextTestSupport {
.process(new Processor() {
public void process(Exchange exchange) throws Exception {
// simulate some work with random time to complete
- Random ran = new Random();
+ SecureRandom ran = new SecureRandom();
int delay = ran.nextInt(50) + 10;
Thread.sleep(delay);
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/processor/PipelineConcurrentTest.java b/core/camel-core/src/test/java/org/apache/camel/processor/PipelineConcurrentTest.java
index 186131b..8e58fef 100644
--- a/core/camel-core/src/test/java/org/apache/camel/processor/PipelineConcurrentTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/processor/PipelineConcurrentTest.java
@@ -16,7 +16,7 @@
*/
package org.apache.camel.processor;
-import java.util.Random;
+import java.security.SecureRandom;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
@@ -51,7 +51,7 @@ public class PipelineConcurrentTest extends ContextTestSupport {
try {
// do some random sleep to simulate spread in user
// activity
- Thread.sleep(new Random().nextInt(10));
+ Thread.sleep(new SecureRandom().nextInt(10));
} catch (InterruptedException e) {
// ignore
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/processor/SplitterParallelAggregateTest.java b/core/camel-core/src/test/java/org/apache/camel/processor/SplitterParallelAggregateTest.java
index eb213a7..a0d8440 100644
--- a/core/camel-core/src/test/java/org/apache/camel/processor/SplitterParallelAggregateTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/processor/SplitterParallelAggregateTest.java
@@ -17,11 +17,11 @@
package org.apache.camel.processor;
import java.io.File;
+import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
-import java.util.Random;
import java.util.concurrent.Future;
import org.apache.camel.AggregationStrategy;
@@ -127,7 +127,7 @@ public class SplitterParallelAggregateTest extends ContextTestSupport {
public Exchange aggregate(Exchange oldExchange, Exchange newExchange) {
// emulate some processing
- Random random = new Random(System.currentTimeMillis());
+ SecureRandom random = new SecureRandom();
for (int i = 0; i < 10000; i++) {
random.nextGaussian();
}
diff --git a/core/camel-core/src/test/java/org/apache/camel/processor/StreamResequencerTest.java b/core/camel-core/src/test/java/org/apache/camel/processor/StreamResequencerTest.java
index a62bbdd..79503b7 100644
--- a/core/camel-core/src/test/java/org/apache/camel/processor/StreamResequencerTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/processor/StreamResequencerTest.java
@@ -16,8 +16,8 @@
*/
package org.apache.camel.processor;
+import java.security.SecureRandom;
import java.util.List;
-import java.util.Random;
import java.util.concurrent.ExecutorService;
import org.apache.camel.Channel;
@@ -134,14 +134,14 @@ public class StreamResequencerTest extends ContextTestSupport {
private final int start;
private final int end;
private final int increment;
- private final Random random;
+ private final SecureRandom random;
Sender(ProducerTemplate template, int start, int end, int increment) {
this.template = template;
this.start = start;
this.end = end;
this.increment = increment;
- random = new Random();
+ random = new SecureRandom();
}
@Override
diff --git a/core/camel-core/src/test/java/org/apache/camel/processor/resequencer/ResequencerEngineTest.java b/core/camel-core/src/test/java/org/apache/camel/processor/resequencer/ResequencerEngineTest.java
index 99cec97..687cac2 100644
--- a/core/camel-core/src/test/java/org/apache/camel/processor/resequencer/ResequencerEngineTest.java
+++ b/core/camel-core/src/test/java/org/apache/camel/processor/resequencer/ResequencerEngineTest.java
@@ -16,9 +16,9 @@
*/
package org.apache.camel.processor.resequencer;
+import java.security.SecureRandom;
import java.util.LinkedList;
import java.util.List;
-import java.util.Random;
import java.util.concurrent.TimeUnit;
import org.apache.camel.TestSupport;
@@ -104,7 +104,7 @@ public class ResequencerEngineTest extends TestSupport {
for (int i = 0; i < input; i++) {
list.add(i);
}
- Random random = new Random(System.currentTimeMillis());
+ SecureRandom random = new SecureRandom();
StringBuilder sb = new StringBuilder(4000);
sb.append("Input sequence: ");
long millis = System.currentTimeMillis();
diff --git a/core/camel-management/src/test/java/org/apache/camel/management/ManagedTypeConverterRegistryTest.java b/core/camel-management/src/test/java/org/apache/camel/management/ManagedTypeConverterRegistryTest.java
index dc5a8c6..9de32f0 100644
--- a/core/camel-management/src/test/java/org/apache/camel/management/ManagedTypeConverterRegistryTest.java
+++ b/core/camel-management/src/test/java/org/apache/camel/management/ManagedTypeConverterRegistryTest.java
@@ -121,7 +121,7 @@ public class ManagedTypeConverterRegistryTest extends ManagementTestSupport {
assertTrue(has, "Should have type converter");
has = (Boolean) mbeanServer.invoke(name, "hasTypeConverter",
- new Object[] { "java.math.BigInteger", "java.util.Random" },
+ new Object[] { "java.math.BigInteger", "java.security.SecureRandom" },
new String[] { "java.lang.String", "java.lang.String" });
assertFalse(has, "Should not have type converter");
}