Google Git
Sign in
apache / sling-org-apache-sling-launchpad-base / 53d8d6ee9b6ff8cab72c856258ef2cace6f9230e^! / .
commit53d8d6ee9b6ff8cab72c856258ef2cace6f9230e[log] [tgz]
authorAntonio Sanso <asanso@apache.org>Mon Mar 07 12:40:19 2016 +0000
committerAntonio Sanso <asanso@apache.org>Mon Mar 07 12:40:19 2016 +0000
treedca37d23f36bbef4da44a6c358d4e3a78181851c
parent071a81a960dd61c98f48e4b637b12f3a06f00ffd [diff]
SLING-5587 - Improve ControlListener#generateKey

git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1733918 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/main/java/org/apache/sling/launchpad/app/ControlListener.java b/src/main/java/org/apache/sling/launchpad/app/ControlListener.java
index 8382f13..25ff7ec 100644
--- a/src/main/java/org/apache/sling/launchpad/app/ControlListener.java
+++ b/src/main/java/org/apache/sling/launchpad/app/ControlListener.java

@@ -32,14 +32,15 @@
 import java.lang.management.MonitorInfo;
 import java.lang.management.ThreadInfo;
 import java.lang.management.ThreadMXBean;
+import java.math.BigInteger;
 import java.net.ConnectException;
 import java.net.InetSocketAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
+import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashSet;
-import java.util.Random;
 import java.util.Set;
 
 /**
@@ -565,14 +566,7 @@
     }
 
     private static String generateKey() {
-        String keys = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789";
-        int len = keys.length();
-        Random r = new Random(System.currentTimeMillis() + 33 * System.nanoTime());
-        char[] c = new char[32];
-        for (int i = 0; i < c.length; i++) {
-            c[i] = keys.charAt(r.nextInt(len));
-        }
-        return new String(c);
+         return new BigInteger(165, new SecureRandom()).toString(32);
     }
 
     /**

diff --git a/src/test/java/org/apache/sling/launchpad/app/ControlListenerTest.java b/src/test/java/org/apache/sling/launchpad/app/ControlListenerTest.java
index 5be4a1d..71b7dc7 100644
--- a/src/test/java/org/apache/sling/launchpad/app/ControlListenerTest.java
+++ b/src/test/java/org/apache/sling/launchpad/app/ControlListenerTest.java

@@ -345,8 +345,7 @@
         ControlListener cl = new ControlListener(main, null);
         
         String secretkey = (String) PrivateAccessor.invoke(cl, "generateKey", new Class[] {}, new Object[] {});
-        Assert.assertEquals(32, secretkey.length());
-        System.out.println(secretkey);
+        Assert.assertTrue(secretkey.length() >= 32);
         Matcher matcher = pattern.matcher(secretkey);
         if (!matcher.matches()) {
             Assert.fail();