Guillaume Nodet created CAMEL-23879:
---------------------------------------

             Summary: Add SecureRandomHelper to camel-util, consolidate all 
SecureRandom usage
                 Key: CAMEL-23879
                 URL: https://issues.apache.org/jira/browse/CAMEL-23879
             Project: Camel
          Issue Type: Improvement
          Components: camel-core
            Reporter: Guillaume Nodet


SecureRandom is thread-safe but heavyweight to instantiate — each new 
SecureRandom() gathers OS entropy. Creating a fresh instance per call is 
wasteful and measurably slows startup when many components initialize 
cryptographic material (e.g., camel-pqc had ~40 separate allocations).

This adds a shared SecureRandomHelper utility in camel-util with a 
getSecureRandom() static getter, and migrates all internal Camel code to use it 
instead of new SecureRandom().

Changes:
# New SecureRandomHelper in camel-util providing getSecureRandom() static getter
# All ~40 new SecureRandom() calls in camel-pqc consolidated
# CipherPair in camel-support migrated
# SelfSignedCertificateGenerator in camel-main migrated
# Design documentation added in design/security.adoc

Also resolves SonarCloud rule S2119 ("SecureRandom should not be created 
per-call").

PR: https://github.com/apache/camel/pull/24374



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to