Fix spotbugs failure

tinaselenge · tinaselenge · commit 80a2eae5cd0a · 2025-07-23T15:22:57.000+01:00
Signed-off-by: Gantigmaa Selenge &lt;tina.selenge@gmail.com&gt;
diff --git a/kafka-agent/src/main/java/io/strimzi/kafka/agent/KafkaAgent.java b/kafka-agent/src/main/java/io/strimzi/kafka/agent/KafkaAgent.java
@@ -39,6 +39,8 @@
 import java.lang.reflect.Method;
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
+import java.security.SecureRandom;
+import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
@@ -76,6 +78,7 @@ public class KafkaAgent {
     private static final byte BROKER_RUNNING_STATE = 3;
     private static final byte BROKER_RECOVERY_STATE = 2;
     private static final byte BROKER_UNKNOWN_STATE = 127;
+    private static final SecureRandom RANDOM = new SecureRandom();
     private Secret caCertSecret;
     private Secret nodeCertSecret;
     private MetricName brokerStateName;
@@ -263,7 +266,10 @@ private SslContextFactory.Server getSSLContextFactory() throws GeneralSecurityEx
         SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setTrustStore(KafkaAgentUtils.jksTrustStore(caCertSecret));
 
-        String password = KafkaAgentUtils.generateRandomPassword();
+        byte[] random = new byte[24];
+        RANDOM.nextBytes(random);
+        String password = Base64.getUrlEncoder().withoutPadding().encodeToString(random).substring(0, 32);
+
         sslContextFactory.setKeyStore(KafkaAgentUtils.jksKeyStore(nodeCertSecret, password.toCharArray()));
         sslContextFactory.setKeyStorePassword(password);
         sslContextFactory.setNeedClientAuth(true);
diff --git a/kafka-agent/src/main/java/io/strimzi/kafka/agent/KafkaAgentUtils.java b/kafka-agent/src/main/java/io/strimzi/kafka/agent/KafkaAgentUtils.java
@@ -13,7 +13,6 @@
 import java.security.KeyFactory;
 import java.security.KeyStore;
 import java.security.PrivateKey;
-import java.security.SecureRandom;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -78,12 +77,6 @@ static KeyStore jksKeyStore(Secret secret, char[] password) throws GeneralSecuri
         return nodeKeyStore;
     }
 
-    static String generateRandomPassword() {
-        byte[] random = new byte[24];
-        new SecureRandom().nextBytes(random);
-        return Base64.getUrlEncoder().withoutPadding().encodeToString(random).substring(0, 32);
-    }
-
     /**
      * Extract all public keys (all .crt records) from a secret.
      */
