From 51a3af22bf6c654a161109f05d31456c97edacb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=CC=88rg=20Prante?= <joergprante@gmail.com>
Date: Thu, 28 Apr 2022 19:23:11 +0200
Subject: [PATCH] use only one SecureRandom

---
 .../groovy/org/xbib/groovy/crypt/CryptUtil.groovy   | 13 +++----------
 .../org/xbib/groovy/crypt/random/RandomUtil.groovy  |  6 ++++++
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/CryptUtil.groovy b/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/CryptUtil.groovy
index daba2e8..f826f67 100644
--- a/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/CryptUtil.groovy
+++ b/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/CryptUtil.groovy
@@ -1,5 +1,7 @@
 package org.xbib.groovy.crypt
 
+import org.xbib.groovy.crypt.random.RandomUtil
+
 import javax.crypto.Mac
 import javax.crypto.SecretKeyFactory
 import javax.crypto.spec.PBEKeySpec
@@ -9,7 +11,6 @@ import java.nio.ByteOrder
 import java.nio.charset.StandardCharsets
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
-import java.security.SecureRandom
 
 /**
  * A utility class for invoking encryption methods and returning LDAP password string,
@@ -17,8 +18,6 @@ import java.security.SecureRandom
  */
 class CryptUtil {
 
-    private static final Random random = new SecureRandom()
-
     static String hexDigest(String plainText, String algo, String prefix) throws NoSuchAlgorithmException {
         if (plainText == null) {
             return null
@@ -152,13 +151,7 @@ class CryptUtil {
     }
 
     static String randomHexString(int length) {
-        randomBytes(length).encodeHex()
-    }
-
-    static byte[] randomBytes(int length) {
-        byte[] b = new byte[length]
-        random.nextBytes(b)
-        b
+        RandomUtil.randomBytes(length).encodeHex()
     }
 
     static ByteBuffer htonl(int value) {
diff --git a/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/random/RandomUtil.groovy b/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/random/RandomUtil.groovy
index 222e660..066ae61 100644
--- a/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/random/RandomUtil.groovy
+++ b/groovy-crypt/src/main/groovy/org/xbib/groovy/crypt/random/RandomUtil.groovy
@@ -11,4 +11,10 @@ class RandomUtil {
         secureRandom.nextBytes(b)
         b.encodeHex().toString()
     }
+
+    static byte[] randomBytes(int length) {
+        byte[] b = new byte[length]
+        secureRandom.nextBytes(b)
+        b
+    }
 }