From 0d65679ed8b6ac3df844fd8581d9b7f18f236d66 Mon Sep 17 00:00:00 2001
From: Thomas Wolf <twolf@apache.org>
Date: Thu, 19 Dec 2024 17:57:02 +0100
Subject: [PATCH] GH-642: Revert "JceRandom: use
 SecureRandom.getInstanceStrong()"

This reverts commit 3cc9d481f727793fb8c878181e0adcc07669d450.

Do _not_ use a strong RNG; it may run into entropy starvation. Just
plain new SecureRandom() is good enough.
---
 .../org/apache/sshd/common/random/JceRandom.java   | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
index f360b854e..a7769f35d 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/random/JceRandom.java
@@ -18,23 +18,16 @@
  */
 package org.apache.sshd.common.random;
 
-import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 /**
  * A <code>Random</code> implementation using the built-in {@link SecureRandom} PRNG.
  *
  * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
  */
 public class JceRandom extends AbstractRandom {
-
     public static final String NAME = "JCE";
 
-    private static final Logger LOG = LoggerFactory.getLogger(JceRandom.class);
-
     private byte[] tmp = new byte[16];
     private final SecureRandom random = getRandom();
 
@@ -43,12 +36,7 @@ public JceRandom() {
     }
 
     private static SecureRandom getRandom() {
-        try {
-            return SecureRandom.getInstanceStrong();
-        } catch (NoSuchAlgorithmException e) {
-            LOG.warn("No strong SecureRandom algorithm available; falling back to non-strong SecureRandom PRNG.");
-            return new SecureRandom();
-        }
+        return new SecureRandom();
     }
 
     private static final class Cache {