You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2021/01/20 19:12:44 UTC
svn commit: r1885729 -
/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java
Author: tilman
Date: Wed Jan 20 19:12:44 2021
New Revision: 1885729
URL: http://svn.apache.org/viewvc?rev=1885729&view=rev
Log:
PDFBOX-5081: refactor to improve nonce uniqueness
Modified:
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java
Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java?rev=1885729&r1=1885728&r2=1885729&view=diff
==============================================================================
--- pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java (original)
+++ pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/TSAClient.java Wed Jan 20 19:12:44 2021
@@ -24,6 +24,7 @@ import java.net.URL;
import java.net.URLConnection;
import java.security.MessageDigest;
import java.security.SecureRandom;
+import java.util.Random;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -52,6 +53,9 @@ public class TSAClient
private final String password;
private final MessageDigest digest;
+ // SecureRandom.getInstanceStrong() would be better, but sometimes blocks on Linux
+ private static final Random RANDOM = new SecureRandom();
+
/**
*
* @param url the URL of the TSA service
@@ -80,8 +84,7 @@ public class TSAClient
byte[] hash = digest.digest(content);
// 32-bit cryptographic nonce
- SecureRandom random = new SecureRandom();
- int nonce = random.nextInt();
+ int nonce = RANDOM.nextInt();
// generate TSA request
TimeStampRequestGenerator tsaGenerator = new TimeStampRequestGenerator();