From 570e8bbe939f04abc31a78eb99e5e0d3c461728f Mon Sep 17 00:00:00 2001
From: ylecollen <ylecollen@amdocs.com>
Date: Wed, 4 Jan 2017 09:07:12 +0100
Subject: [PATCH] use secureRandom in getRandomKey

---
 .../src/main/java/org/matrix/olm/OlmUtility.java | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
index 287a9d2..d3c185f 100644
--- a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
+++ b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
@@ -20,7 +20,7 @@ package org.matrix.olm;
 import android.text.TextUtils;
 import android.util.Log;
 
-import java.util.Random;
+import java.security.SecureRandom;
 
 /**
  * Olm SDK helper class.
@@ -138,16 +138,10 @@ public class OlmUtility {
      * @return string containing randoms integer values
      */
     public static String getRandomKey() {
-        String keyRetValue;
-        Random rand = new Random();
-        StringBuilder strBuilder = new StringBuilder();
-
-        for(int i = 0; i< RANDOM_KEY_SIZE; i++) {
-            strBuilder.append(rand.nextInt(RANDOM_RANGE));
-        }
-        keyRetValue = strBuilder.toString();
-
-        return keyRetValue;
+        SecureRandom secureRandom = new SecureRandom();
+        byte[] buffer = new byte[RANDOM_KEY_SIZE];
+        secureRandom.nextBytes(buffer);
+        return new String(buffer);
     }
 
     /**
-- 
GitLab