Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7990

Remove usage of SecureRandom from test cases to avoid copy-paste

    Details

    • Type: Task
    • Status: Closed
    • Priority: Cosmetic
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.1.0
    • Component/s: None
    • Labels:
      None
    • Issue discovered during:
      Community
    • Sprint:
      EJBCA Team Alice - 2019 w10

      Description

      We have some usage of SecureRandom in test cases where we manually seed SecureRandom, which should not be done.

       SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
       random.setSeed(new Date().getTime());

      Since it is test code, just use a normal Random instead, noting that it is not security related.

       // This is a test, so randomness does not have to be secure (CSPRNG)
       Random random = new Random();

       

        Attachments

          Activity

            People

            Assignee:
            tomas Tomas Gustavsson
            Reporter:
            tomas Tomas Gustavsson
            Verified by:
            Lauri Kongas
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1 hour
                1h
                Remaining:
                Time Spent - 30 minutes Remaining Estimate - 30 minutes
                30m
                Logged:
                Time Spent - 30 minutes Remaining Estimate - 30 minutes
                30m