From 5f843f1847e833ea4bbfc8d50db2c838721aa98f Mon Sep 17 00:00:00 2001
From: Wilalberto Rodriguez <wrodrig@us.ibm.com>
Date: Wed, 9 Apr 2025 12:52:56 -0500
Subject: [PATCH] Fix Update the way we generate random bytes for LTPA

In this change, we are looking to update the way we generate random bytes for LTPA keys and audit files.
---
 .../src/com/ibm/ws/common/crypto/CryptoUtils.java      | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/dev/com.ibm.ws.kernel.service/src/com/ibm/ws/common/crypto/CryptoUtils.java b/dev/com.ibm.ws.kernel.service/src/com/ibm/ws/common/crypto/CryptoUtils.java
index bdcb81049f59..2f350a341222 100644
--- a/dev/com.ibm.ws.kernel.service/src/com/ibm/ws/common/crypto/CryptoUtils.java
+++ b/dev/com.ibm.ws.kernel.service/src/com/ibm/ws/common/crypto/CryptoUtils.java
@@ -395,15 +395,9 @@ public static boolean isFIPSEnabled() {
     public static byte[] generateRandomBytes(int length) {
         byte[] seed = null;
         SecureRandom rand = new SecureRandom();
+        seed = new byte[length];
+        rand.nextBytes(seed);
 
-        // TODO: Investigate hardware Crypto
-        //String hardwareCryptoProvider = "IBMJCECCA";
-        //Provider provider = rand.getProvider();
-        //if (hardwareCryptoProvider.equals(provider.getName())) {
-        //    seed = new byte[length];
-        //    rand.nextBytes(seed);
-        //} else {
-        seed = rand.generateSeed(length);
         return seed;
     }
 }