WICKET-7174: DefaultSecureRandomSupplier does not work for FIPS (#1361)
1. Lazy load DefaultSecureRandomSupplier in SecuritySettings.java
2. Lazy load `SecureRandom.getInstance("SHA1PRNG")` in
DefaultSecureRandomSupplier.java
(cherry picked from commit 5710d7d276bb0a407dbf592dfe666612b4272282)
diff --git a/wicket-core/src/main/java/org/apache/wicket/core/random/DefaultSecureRandomSupplier.java b/wicket-core/src/main/java/org/apache/wicket/core/random/DefaultSecureRandomSupplier.java
index b8168b3..42e12ea 100644
--- a/wicket-core/src/main/java/org/apache/wicket/core/random/DefaultSecureRandomSupplier.java
+++ b/wicket-core/src/main/java/org/apache/wicket/core/random/DefaultSecureRandomSupplier.java
@@ -32,23 +32,24 @@
*/
public class DefaultSecureRandomSupplier implements ISecureRandomSupplier
{
- private SecureRandom random;
-
- public DefaultSecureRandomSupplier()
+ private static final class Holder
{
- try
+ private static final SecureRandom INSTANCE;
+
+ static
{
- random = SecureRandom.getInstance("SHA1PRNG");
- }
- catch (NoSuchAlgorithmException e)
- {
- throw new WicketRuntimeException(e);
+ try
+ {
+ INSTANCE = SecureRandom.getInstance("SHA1PRNG");
+ } catch (NoSuchAlgorithmException e) {
+ throw new WicketRuntimeException(e);
+ }
}
}
@Override
public SecureRandom getRandom()
{
- return random;
+ return Holder.INSTANCE;
}
}
diff --git a/wicket-core/src/main/java/org/apache/wicket/settings/SecuritySettings.java b/wicket-core/src/main/java/org/apache/wicket/settings/SecuritySettings.java
index dbcba20..9447f3f 100644
--- a/wicket-core/src/main/java/org/apache/wicket/settings/SecuritySettings.java
+++ b/wicket-core/src/main/java/org/apache/wicket/settings/SecuritySettings.java
@@ -66,7 +66,7 @@
private ICryptFactory cryptFactory;
/** supplier of random data and SecureRandom */
- private ISecureRandomSupplier randomSupplier = new DefaultSecureRandomSupplier();
+ private ISecureRandomSupplier randomSupplier;
/**
* Whether mounts should be enforced. If {@code true}, requests for a page will be
@@ -146,6 +146,10 @@
*/
public ISecureRandomSupplier getRandomSupplier()
{
+ if (randomSupplier == null)
+ {
+ randomSupplier = new DefaultSecureRandomSupplier();
+ }
return randomSupplier;
}
