proprietary · December 19, 2024 03:13
diff --git a/0001-Revert-JceRandom-use-SecureRandom.getInstanceStrong.patch b/0001-Revert-JceRandom-use-SecureRandom.getInstanceStrong.patch
 From c84e6a77451b9666c9a2e6e89d54d502a04c4aed Mon Sep 17 00:00:00 2001
 From: Zelly Snyder <[email protected]>
 Date: Wed, 18 Dec 2024 19:06:33 -0800
 Subject: [PATCH] Revert "JceRandom: use SecureRandom.getInstanceStrong()"

 This reverts commit 3cc9d481f727793fb8c878181e0adcc07669d450.
 ---
 .../org/apache/sshd/common/random/JceRandom.java | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

 diff --git a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
 index f360b854e..19488450d 100644
 --- a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
 +++ b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
 @@ -18,37 +18,25 @@
  */
 package org.apache.sshd.common.random;
 
 -import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 
 -import org.slf4j.Logger;
 -import org.slf4j.LoggerFactory;
 -
 /**
  * A <code>Random</code> implementation using the built-in {@link SecureRandom} PRNG.
  *
  * @author <a href="mailto:[email protected]">Apache MINA SSHD Project</a>
  */
 public class JceRandom extends AbstractRandom {
 -
     public static final String NAME = "JCE";
 
 -    private static final Logger LOG = LoggerFactory.getLogger(JceRandom.class);
 -
     private byte[] tmp = new byte[16];
 -    private final SecureRandom random = getRandom();
 +    private final SecureRandom random = new SecureRandom();
 
     public JceRandom() {
         super();
     }
 
     private static SecureRandom getRandom() {
 -        try {
 -            return SecureRandom.getInstanceStrong();
 -        } catch (NoSuchAlgorithmException e) {
 -            LOG.warn("No strong SecureRandom algorithm available; falling back to non-strong SecureRandom PRNG.");
 -            return new SecureRandom();
 -        }
 +        return new SecureRandom();
     }
 
     private static final class Cache {
 -- 
 2.47.0
	From c84e6a77451b9666c9a2e6e89d54d502a04c4aed Mon Sep 17 00:00:00 2001
	From: Zelly Snyder <[email protected]>
	Date: Wed, 18 Dec 2024 19:06:33 -0800
	Subject: [PATCH] Revert "JceRandom: use SecureRandom.getInstanceStrong()"

	This reverts commit 3cc9d481f727793fb8c878181e0adcc07669d450.
	---
	.../org/apache/sshd/common/random/JceRandom.java \| 16 ++--------------
	1 file changed, 2 insertions(+), 14 deletions(-)

	diff --git a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
	index f360b854e..19488450d 100644
	--- a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
	+++ b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
	@@ -18,37 +18,25 @@
	*/
	package org.apache.sshd.common.random;

	-import java.security.NoSuchAlgorithmException;
	import java.security.SecureRandom;

	-import org.slf4j.Logger;
	-import org.slf4j.LoggerFactory;
	-
	/**
	* A <code>Random</code> implementation using the built-in {@link SecureRandom} PRNG.
	*
	* @author <a href="mailto:[email protected]">Apache MINA SSHD Project</a>
	*/
	public class JceRandom extends AbstractRandom {
	-
	public static final String NAME = "JCE";

	- private static final Logger LOG = LoggerFactory.getLogger(JceRandom.class);
	-
	private byte[] tmp = new byte[16];
	- private final SecureRandom random = getRandom();
	+ private final SecureRandom random = new SecureRandom();

	public JceRandom() {
	super();
	}

	private static SecureRandom getRandom() {
	- try {
	- return SecureRandom.getInstanceStrong();
	- } catch (NoSuchAlgorithmException e) {
	- LOG.warn("No strong SecureRandom algorithm available; falling back to non-strong SecureRandom PRNG.");
	- return new SecureRandom();
	- }
	+ return new SecureRandom();
	}

	private static final class Cache {
	--
	2.47.0