From 2057227e5ca8f6deac5b77292ae8ff4e6f68e1c5 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Tue, 13 Dec 2022 07:18:58 +0100 Subject: [PATCH] Fix #569: Coverity - FB.DMI_RANDOM_USED_ONLY_ONCE --- .../impl/service/internal/OtpGeneratorService.java | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/enrollment-server-onboarding/src/main/java/com/wultra/app/onboardingserver/impl/service/internal/OtpGeneratorService.java b/enrollment-server-onboarding/src/main/java/com/wultra/app/onboardingserver/impl/service/internal/OtpGeneratorService.java index c37779ac0..c25abb0e3 100644 --- a/enrollment-server-onboarding/src/main/java/com/wultra/app/onboardingserver/impl/service/internal/OtpGeneratorService.java +++ b/enrollment-server-onboarding/src/main/java/com/wultra/app/onboardingserver/impl/service/internal/OtpGeneratorService.java @@ -18,8 +18,6 @@ package com.wultra.app.onboardingserver.impl.service.internal; import com.wultra.app.onboardingserver.common.errorhandling.OnboardingProcessException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; import java.math.BigInteger; @@ -33,11 +31,11 @@ @Service public class OtpGeneratorService { - private static final Logger logger = LoggerFactory.getLogger(OtpGeneratorService.class); - private static final int OTP_MIN_LENGTH = 4; private static final int OTP_MAX_LENGTH = 12; + private final SecureRandom random = new SecureRandom(); + /** * Generate an OTP code. * @param length Length of generated OTP code. @@ -48,7 +46,6 @@ public String generateOtpCode(int length) throws OnboardingProcessException { if (length < OTP_MIN_LENGTH || length > OTP_MAX_LENGTH) { throw new OnboardingProcessException("Invalid OTP length: " + length); } - SecureRandom random = new SecureRandom(); BigInteger bound = BigInteger.TEN.pow(length).subtract(BigInteger.ONE); long number = Math.abs(random.nextLong() % bound.longValue()); return String.format("%0" + length + "d", number);