authorBjørn Christian Seime <bjorncs@oath.com>2018-06-07 13:11:53 +0200
committerBjørn Christian Seime <bjorncs@oath.com>2018-06-07 13:11:53 +0200
commitf205ceb203bf376d905489ea979b63b2e2e6f5d8 (patch)
tree963e5df5a44684396c3e69c1eb7cc7fe1b1a113d /athenz-identity-provider-service
parente602b044f950f099c540eb4090e12af92cf5137b (diff)
Use UUID to generate random, crypto secure secret
Diffstat (limited to 'athenz-identity-provider-service')
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java10
1 files changed, 2 insertions, 8 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
index f1fc938d3ea..2a517e06ae2 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
@@ -23,11 +23,11 @@ import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
-import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Optional;
+import java.util.UUID;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
@@ -45,7 +45,6 @@ import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.Utils.g
@SuppressWarnings("unused") // Component injected into Jetty connector factory
public class AthenzSslKeyStoreConfigurator extends AbstractComponent implements SslKeyStoreConfigurator {
private static final Logger log = Logger.getLogger(AthenzSslKeyStoreConfigurator.class.getName());
- private static final SecureRandom secureRandom = new SecureRandom();
private static final String CERTIFICATE_ALIAS = "athenz";
private static final Duration EXPIRATION_MARGIN = Duration.ofHours(6);
@@ -172,12 +171,7 @@ public class AthenzSslKeyStoreConfigurator extends AbstractComponent implements
}
private static char[] generateKeystorePassword() {
- int length = 128;
- char[] pwd = new char[length];
- for (int i = 0; i < length; i++) {
- pwd[i] = (char) secureRandom.nextInt();
- }
- return pwd;
+ return UUID.randomUUID().toString().toCharArray();
}
private class AthenzCertificateUpdater implements Runnable {
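Review bot: The new body of `generateKeystorePassword()` routes the secret through an immutable `String` before `toCharArray()`, so one copy of the keystore password stays on the heap until garbage collection and cannot be cleared even if callers zero the returned `char[]` (how callers treat the array is not visible in this hunk). The password also shrinks from 128 random chars to a 36-character type-4 UUID, which carries 122 random bits from the JDK's `SecureRandom`-backed generator plus fixed version/variant bits and hyphens; that is still a strong secret, but the reasoning is worth recording next to the code. I would add a comment such as `// UUID.randomUUID() draws from SecureRandom: 122 random bits, hex-encoded so the password is plain ASCII`. If wiping the secret matters here, filling a `byte[]` from `SecureRandom` and hex-encoding it straight into a `char[]` avoids the intermediate `String`.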