GH-642: Revert "JceRandom: use SecureRandom.getInstanceStrong()"

This reverts commit 3cc9d48. Do _not_ use a strong RNG; it may run into entropy starvation. Just plain new SecureRandom() is good enough.
apache · Dec 19, 2024 · 0d65679 · 0d65679
1 parent 03cee94
commit 0d65679
Showing 1 changed file with 1 addition and 13 deletions.
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
@@ -18,23 +18,16 @@
  */
 package org.apache.sshd.common.random;
 
-import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 /**
  * A <code>Random</code> implementation using the built-in {@link SecureRandom} PRNG.
  *
  * @author <a href="mailto:[email protected]">Apache MINA SSHD Project</a>
  */
 public class JceRandom extends AbstractRandom {
-
     public static final String NAME = "JCE";
 
-    private static final Logger LOG = LoggerFactory.getLogger(JceRandom.class);
-
     private byte[] tmp = new byte[16];
     private final SecureRandom random = getRandom();
 
@@ -43,12 +36,7 @@ public JceRandom() {
     }
 
     private static SecureRandom getRandom() {
-        try {
-            return SecureRandom.getInstanceStrong();
-        } catch (NoSuchAlgorithmException e) {
-            LOG.warn("No strong SecureRandom algorithm available; falling back to non-strong SecureRandom PRNG.");
-            return new SecureRandom();
-        }
+        return new SecureRandom();
     }
 
     private static final class Cache {