From 2be2c2c95c9a3747fd200e3ea3623607053d5299 Mon Sep 17 00:00:00 2001
From: Florian Zschocke
Date: Sat, 10 Dec 2016 01:00:27 +0100
Subject: Introduce SecureRandom wrapper for properly seeded static instances Introduce our own wrapper `SecureRandom` around `java.security.SecureRandom`. This a) makes sure that the PRNG is seeded on creation and not when random bytes are retrieved, and b) uses a static instance in the `UserModel` so that lags do not occur during operation due to potentially seeding getting blocked on Unix when reading from the system's entropy pool. To keep the random data still secure, the static instance will reseed all 24 hours, also a functionality of the wrapper class. This fixes #1063 and extends and closes PR #1116
---
.../java/com/gitblit/utils/SecureRandomTest.java | 33 ++++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 src/test/java/com/gitblit/utils/SecureRandomTest.java
(limited to 'src/test/java/com/gitblit/utils/SecureRandomTest.java')
diff --git a/src/test/java/com/gitblit/utils/SecureRandomTest.java b/src/test/java/com/gitblit/utils/SecureRandomTest.java
new file mode 100644
index 00000000..c4098c2f
--- /dev/null
+++ b/src/test/java/com/gitblit/utils/SecureRandomTest.java
@@ -0,0 +1,33 @@
+package com.gitblit.utils;
+
+import static org.junit.Assert.*;
+
+import java.util.Arrays;
+
+import org.junit.Test;
+
+public class SecureRandomTest {
+
+ @Test
+ public void testRandomBytes() {
+ SecureRandom sr = new SecureRandom();
+ byte[] bytes1 = sr.randomBytes(10);
+ assertEquals(10, bytes1.length);
+ byte[] bytes2 = sr.randomBytes(10);
+ assertEquals(10, bytes2.length);
+ assertFalse(Arrays.equals(bytes1, bytes2));
+
+ assertEquals(0, sr.randomBytes(0).length);
+ assertEquals(200, sr.randomBytes(200).length);
+ }
+
+ @Test
+ public void testNextBytes() {
+ SecureRandom sr = new SecureRandom();
+ byte[] bytes1 = new byte[32];
+ sr.nextBytes(bytes1);
+ byte[] bytes2 = new byte[32];
+ sr.nextBytes(bytes2);
+ assertFalse(Arrays.equals(bytes1, bytes2));
+ }
+}
-- cgit v1.2.3
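Review bot: Both tests compare two draws from the same instance, so they would still pass if the wrapper seeded every instance with the same value. Since the commit is about when and how the PRNG is seeded, `testRandomBytes` should also compare output across instances, e.g. `assertFalse(Arrays.equals(new SecureRandom().randomBytes(32), new SecureRandom().randomBytes(32)));`. The 24-hour reseed described in the commit message is not exercised here either; whether it can be tested depends on whether the wrapper, which is not part of this diff, exposes a clock or interval hook. The unqualified `SecureRandom` resolves to the wrapper only because the test shares its package, so a class-level comment such as `// com.gitblit.utils.SecureRandom, not java.security.SecureRandom` would prevent a reader from assuming the JDK class is under test.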