Always use JCERandom as the default RNG (#606)

FabianHenneke · web-flow · commit 3c85b8691550 · 2020-06-23T14:51:55.000+02:00
The current implementation relies on `VMPCRandomGenerator` for random number generation if BouncyCastle is registered, otherwise it falls back to `SecureRandom`. Nowadays, `SecureRandom` should always be the best available option, whereas `VMPCRandomGenerator` [has known weaknesses](https://books.google.de/books?id=niO6BQAAQBAJ&pg=PA140&lpg=PA140&dq=vmpc+prng&source=bl&ots=QAdZJOT607&sig=ACfU3U0Edqlpm08iRZJLxeWGQNwNQz7WsQ&hl=en&sa=X&ved=2ahUKEwjd2Zyr9pfqAhXWMMAKHT70AioQ6AEwDnoECAoQAQ#v=onepage&q=vmpc%20prng&f=false).
diff --git a/src/main/java/net/schmizz/sshj/DefaultConfig.java b/src/main/java/net/schmizz/sshj/DefaultConfig.java
@@ -146,8 +146,7 @@ protected void initKeyAlgorithms() {
     }
 
     protected void initRandomFactory(boolean bouncyCastleRegistered) {
-        setRandomFactory(new SingletonRandomFactory(bouncyCastleRegistered
-                ? new BouncyCastleRandom.Factory() : new JCERandom.Factory()));
+        setRandomFactory(new SingletonRandomFactory(new JCERandom.Factory()));
     }
 
     protected void initFileKeyProviderFactories(boolean bouncyCastleRegistered) {

Original file line number	Diff line number	Diff line change
`@@ -146,8 +146,7 @@ protected void initKeyAlgorithms() {`
`146`	`146`	`}`
`147`	`147`
`148`	`148`	`protected void initRandomFactory(boolean bouncyCastleRegistered) {`
`149`		`- setRandomFactory(new SingletonRandomFactory(bouncyCastleRegistered`
`150`		`- ? new BouncyCastleRandom.Factory() : new JCERandom.Factory()));`
	`149`	`+ setRandomFactory(new SingletonRandomFactory(new JCERandom.Factory()));`
`151`	`150`	`}`
`152`	`151`
`153`	`152`	`protected void initFileKeyProviderFactories(boolean bouncyCastleRegistered) {`