svn commit: r1466456 - /webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java

Wed, 10 Apr 2013 05:53:01 -0700 

Author: coheigea
Date: Wed Apr 10 12:52:35 2013
New Revision: 1466456

URL: http://svn.apache.org/r1466456
Log:
Use the SecureRandom from Santuario instead

Modified:
    
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java

Modified: 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1466456&r1=1466455&r2=1466456&view=diff
==============================================================================
--- 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
 (original)
+++ 
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
 Wed Apr 10 12:52:35 2013
@@ -32,6 +32,7 @@ import org.apache.wss4j.common.util.XMLU
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.message.CallbackLookup;
 import org.apache.xml.security.algorithms.JCEMapper;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.utils.Base64;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
@@ -49,7 +50,6 @@ import javax.xml.namespace.QName;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -65,14 +65,6 @@ public final class WSSecurityUtil {
         org.slf4j.LoggerFactory.getLogger(WSSecurityUtil.class);
 
     /**
-     * A cached pseudo-random number generator
-     * NB. On some JVMs, caching this random number
-     * generator is required to overcome punitive
-     * overhead.
-     */
-    private static SecureRandom random;
-    
-    /**
      * A cached MessageDigest object
      */
     private static MessageDigest digest;
@@ -1103,13 +1095,10 @@ public final class WSSecurityUtil {
      * @return a nonce of the given length
      * @throws WSSecurityException
      */
-    public static synchronized byte[] generateNonce(int length) throws 
WSSecurityException {
+    public static byte[] generateNonce(int length) throws WSSecurityException {
         try {
-            if (random == null) {
-                random = SecureRandom.getInstance("SHA1PRNG");
-            }
             byte[] temp = new byte[length];
-            random.nextBytes(temp);
+            XMLSecurityConstants.secureRandom.nextBytes(temp);
             return temp;
         } catch (Exception ex) {
             throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE,

Reply via email to