From 843063cd74277d3a713c2d6f7e5a74e71474eb35 Mon Sep 17 00:00:00 2001
From: AssahBismarkabah <assah9799@gmail.com>
Date: Mon, 5 Aug 2024 12:26:34 +0100
Subject: [PATCH 1/2] Fix: Ensure unique IV generation for GCM encryption to
 prevent reuse error

---
 .../impl/cmsencryption/CMSEncryptionServiceImpl.java           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java b/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
index 82819e4ec..0d99230b9 100644
--- a/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
+++ b/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
@@ -30,6 +30,7 @@
 import java.io.OutputStream;
 import java.security.Key;
 import java.security.KeyPair;
+import java.security.SecureRandom;
 import java.util.Collections;
 import java.util.Map;
 import java.util.Set;
@@ -145,7 +146,7 @@ private OutputStream streamEncrypt(OutputStream dataContentStream, Set<Recipient
 
         return generator.open(
                 dataContentStream,
-                new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).build()
+                new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).setSecureRandom(new SecureRandom()).build()
         );
     }
 }

From f4e1e21da9875ae664064c5d3c5bb72cd2d41726 Mon Sep 17 00:00:00 2001
From: AssahBismarkabah <assah9799@gmail.com>
Date: Mon, 12 Aug 2024 08:16:22 +0100
Subject: [PATCH 2/2] update: CMSEncryptionServiceImpl

---
 .../impl/cmsencryption/CMSEncryptionServiceImpl.java          | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java b/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
index 0d99230b9..6f9a59e1f 100644
--- a/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
+++ b/datasafe-encryption/datasafe-encryption-impl/src/main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
@@ -48,10 +48,12 @@
 public class CMSEncryptionServiceImpl implements CMSEncryptionService {
 
     private ASNCmsEncryptionConfig encryptionConfig;
+    private SecureRandom secureRandom;
 
     @Inject
     public CMSEncryptionServiceImpl(ASNCmsEncryptionConfig encryptionConfig) {
         this.encryptionConfig = encryptionConfig;
+        this.secureRandom = new SecureRandom();
     }
 
     /**
@@ -146,7 +148,7 @@ private OutputStream streamEncrypt(OutputStream dataContentStream, Set<Recipient
 
         return generator.open(
                 dataContentStream,
-                new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).setSecureRandom(new SecureRandom()).build()
+                new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).setSecureRandom( this.secureRandom).build()
         );
     }
 }