From f97685aba73c01d93689fca1a67338fb4d23919c Mon Sep 17 00:00:00 2001
From: Mathieu Baudier <mbaudier@argeo.org>
Date: Mon, 24 Jan 2022 12:58:12 +0100
Subject: [PATCH] Reseed secure random for each random UUID.

---
 .../argeo/api/uuid/AbstractAsyncUuidFactory.java    | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/org.argeo.api.uuid/src/org/argeo/api/uuid/AbstractAsyncUuidFactory.java b/org.argeo.api.uuid/src/org/argeo/api/uuid/AbstractAsyncUuidFactory.java
index 2b4c27f3f..1948eafbd 100644
--- a/org.argeo.api.uuid/src/org/argeo/api/uuid/AbstractAsyncUuidFactory.java
+++ b/org.argeo.api.uuid/src/org/argeo/api/uuid/AbstractAsyncUuidFactory.java
@@ -1,6 +1,9 @@
 package org.argeo.api.uuid;
 
+import java.security.DrbgParameters;
+import java.security.DrbgParameters.Capability;
 import java.security.SecureRandom;
+import java.security.SecureRandomParameters;
 import java.util.UUID;
 import java.util.concurrent.Callable;
 import java.util.concurrent.CompletableFuture;
@@ -53,6 +56,16 @@ public abstract class AbstractAsyncUuidFactory extends AbstractUuidFactory imple
 	 * SYNC OPERATIONS
 	 */
 	protected UUID newRandomUUIDStrong() {
+		SecureRandomParameters parameters = secureRandom.getParameters();
+		if (parameters != null) {
+			if (parameters instanceof DrbgParameters.Instantiation) {
+				Capability capability = ((DrbgParameters.Instantiation) parameters).getCapability();
+				if (capability.equals(DrbgParameters.Capability.PR_AND_RESEED)
+						|| capability.equals(DrbgParameters.Capability.RESEED_ONLY)) {
+					secureRandom.reseed();
+				}
+			}
+		}
 		return newRandomUUID(secureRandom);
 	}
 
-- 
2.30.2