Random[String]Utils.secure() now uses SecureRandom() instead of

SecureRandom.getInstanceStrong() - RandomStringUtils.secure() now uses SecureRandom() instead of SecureRandom.getInstanceStrong() - RandomUtils.secure() now uses SecureRandom() instead of SecureRandom.getInstanceStrong() - Add RandomStringUtils.secureStrong() - Add RandomUtils.secureStrong()
2024-08-20 08:06:12 -04:00 · 2024-08-20 08:06:12 -04:00 · 17c32087ad
parent 50587e0e00
commit 17c32087ad
3 changed files with 109 additions and 74 deletions
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@ -50,8 +50,12 @@ The <action> type attribute can be add,update,fix,remove.
    <action issue="LANG-1760" type="fix" dev="ggregory" due-to="Marco Hoek, Gary Gregory">Using RandomStringUtils.insecure() still leads to using the secure() random.</action>
    <action                   type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomUtils.next*() methods in favor or .secure() and .insecure() versions.</action>
    <action                   type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomStringUtils.random*() methods in favor or .secure() and .insecure() versions.</action>
    <action                   type="add" dev="ggregory" due-to="Gary Gregory">RandomUtils.secure() now uses SecureRandom() instead of SecureRandom.getInstanceStrong().</action>
    <action                   type="add" dev="ggregory" due-to="Gary Gregory">RandomStringUtils.secure() now uses SecureRandom() instead of SecureRandom.getInstanceStrong().</action>
    <!-- ADD -->
    <action                   type="add" dev="ggregory" due-to="Gary Gregory">Make RandomUtils.insecure() public.</action>
    <action                   type="add" dev="ggregory" due-to="Gary Gregory">Add RandomUtils.secureStrong().</action>
    <action                   type="add" dev="ggregory" due-to="Gary Gregory">Add RandomStringUtils.secureStrong().</action>
    <!-- UPDATE -->
    <action                   type="update" dev="ggregory" due-to="Gary Gregory, Dependabot">Bump org.hamcrest:hamcrest from 2.2 to 3.0 #1255.</action>
    <action                   type="update" dev="ggregory" due-to="Gary Gregory, Dependabot">Bump org.easymock:easymock from 5.3.0 to 5.4.0 #1256.</action>
--- a/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
+++ b/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
@ -25,39 +25,42 @@ import java.util.function.Supplier;
 /**
 * Generates random {@link String}s.
 * <p>
 * Use {@link #secure()} to get the singleton instance based on {@link SecureRandom#SecureRandom()} which uses a secure random number generator (RNG)
 * implementing the default random number algorithm..
 * </p>
 * <p>
 * Use {@link #secureStrong()} to get the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an algorithms/providers specified in
 * the {@code securerandom.strongAlgorithms} {@link Security} property.
 * </p>
 * <p>
 * Use {@link #insecure()} to get the singleton instance based on {@link ThreadLocalRandom#current()}; <b>which is not cryptographically secure</b>.
 * </p>
 * <p>
 * Starting in version 3.17.0, the method {@link #secure()} uses {@link SecureRandom#SecureRandom()} instead of {@link SecureRandom#getInstanceStrong()}, and
 * adds {@link #secureStrong()}.
 * </p>
 * <p>
 * Starting in version 3.16.0, this class uses {@link #secure()} for static methods and adds {@link #insecure()}.
 * </p>
 * <p>
 * Starting in version 3.15.0, this class uses {@link SecureRandom#getInstanceStrong()} for static methods.
 * </p>
 * <p>
- * Before version 3.15.0, this class used {@link ThreadLocalRandom#current()} for static methods, which is not
+ * Before version 3.15.0, this class used {@link ThreadLocalRandom#current()} for static methods, which is not cryptographically secure.
 * cryptographically secure.
 * </p>
 * <p>
 * Use {@link #secure()} to get the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an
 * algorithms/providers specified in the {@code securerandom.strongAlgorithms} {@link Security} property.
 * </p>
 * <p>
 * Use {@link #insecure()} to get the singleton instance based on {@link ThreadLocalRandom#current()}; <b>which is not
 * cryptographically secure</b>.
 * </p>
 * <p>
 * RandomStringUtils is intended for simple use cases. For more advanced use cases consider using Apache Commons Text's
- * <a href=
+ * <a href= "https://commons.apache.org/proper/commons-text/javadocs/api-release/org/apache/commons/text/RandomStringGenerator.html"> RandomStringGenerator</a>
- * "https://commons.apache.org/proper/commons-text/javadocs/api-release/org/apache/commons/text/RandomStringGenerator.html">
+ * instead.
 * RandomStringGenerator</a> instead.
 * </p>
 * <p>
- * The Apache Commons project provides <a href="https://commons.apache.org/proper/commons-rng/">Commons RNG</a>
+ * The Apache Commons project provides <a href="https://commons.apache.org/proper/commons-rng/">Commons RNG</a> dedicated to pseudo-random number generation,
- * dedicated to pseudo-random number generation, that may be a better choice for applications with more stringent
+ * that may be a better choice for applications with more stringent requirements (performance and/or correctness).
 * requirements (performance and/or correctness).
 * </p>
 * <p>
- * Note that <em>private high surrogate</em> characters are ignored. These are Unicode characters that fall between the
+ * Note that <em>private high surrogate</em> characters are ignored. These are Unicode characters that fall between the values 56192 (db80) and 56319 (dbff) as
- * values 56192 (db80) and 56319 (dbff) as we don't know how to handle them. High and low surrogates are correctly dealt
+ * we don't know how to handle them. High and low surrogates are correctly dealt with - that is if a high surrogate is randomly chosen, 55296 (d800) to 56191
- * with - that is if a high surrogate is randomly chosen, 55296 (d800) to 56191 (db7f) then it is followed by a low
+ * (db7f) then it is followed by a low surrogate. If a low surrogate is chosen, 56320 (dc00) to 57343 (dfff) then it is placed after a randomly chosen high
 * surrogate. If a low surrogate is chosen, 56320 (dc00) to 57343 (dfff) then it is placed after a randomly chosen high
 * surrogate.
 * </p>
 * <p>
@ -75,6 +78,8 @@ public class RandomStringUtils {
    private static RandomStringUtils SECURE = new RandomStringUtils(SECURE_SUPPLIER);
    private static RandomStringUtils SECURE_STRONG = new RandomStringUtils(RandomUtils::secureStrong);
    private static final char[] ALPHANUMERICAL_CHARS = { 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l',
            'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G',
            'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1',
@ -107,7 +112,7 @@ public class RandomStringUtils {
     * @param count the length of random string to create
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count) {
@ -126,7 +131,7 @@ public class RandomStringUtils {
     * @param numbers if {@code true}, generated string may include numeric characters
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count, final boolean letters, final boolean numbers) {
@ -144,7 +149,7 @@ public class RandomStringUtils {
     * @param chars the character array containing the set of characters to use, may be null
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count, final char... chars) {
@ -165,7 +170,7 @@ public class RandomStringUtils {
     * @param numbers if {@code true}, generated string may include numeric characters
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count, final int start, final int end, final boolean letters,
@ -191,7 +196,7 @@ public class RandomStringUtils {
     * @return the random string
     * @throws ArrayIndexOutOfBoundsException if there are not {@code (end - start) + 1} characters in the set array.
     * @throws IllegalArgumentException       if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count, final int start, final int end, final boolean letters,
@ -371,7 +376,7 @@ public class RandomStringUtils {
     * @param chars the String containing the set of characters to use, may be null, but must not be empty
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0 or the string is empty.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String random(final int count, final String chars) {
@ -388,7 +393,7 @@ public class RandomStringUtils {
     * @param count the length of random string to create
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAlphabetic(final int count) {
@ -406,7 +411,7 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAlphabetic(final int minLengthInclusive, final int maxLengthExclusive) {
@ -423,7 +428,7 @@ public class RandomStringUtils {
     * @param count the length of random string to create
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAlphanumeric(final int count) {
@ -441,7 +446,7 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAlphanumeric(final int minLengthInclusive, final int maxLengthExclusive) {
@ -459,7 +464,7 @@ public class RandomStringUtils {
     * @param count the length of random string to create
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAscii(final int count) {
@ -478,7 +483,7 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomAscii(final int minLengthInclusive, final int maxLengthExclusive) {
@ -497,7 +502,7 @@ public class RandomStringUtils {
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomGraph(final int count) {
@ -515,7 +520,7 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomGraph(final int minLengthInclusive, final int maxLengthExclusive) {
@ -532,7 +537,7 @@ public class RandomStringUtils {
     * @param count the length of random string to create
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomNumeric(final int count) {
@ -550,7 +555,7 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomNumeric(final int minLengthInclusive, final int maxLengthExclusive) {
@ -569,7 +574,7 @@ public class RandomStringUtils {
     * @return the random string
     * @throws IllegalArgumentException if {@code count} &lt; 0.
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomPrint(final int count) {
@ -587,13 +592,28 @@ public class RandomStringUtils {
     * @param maxLengthExclusive the exclusive maximum length of the string to generate
     * @return the random string
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static String randomPrint(final int minLengthInclusive, final int maxLengthExclusive) {
        return secure().nextPrint(minLengthInclusive, maxLengthExclusive);
    }
    /**
     * Gets the singleton instance based on {@link SecureRandom#SecureRandom()} which uses a secure random number generator (RNG) implementing the default
     * random number algorithm.
     * <p>
     * The method {@link SecureRandom#SecureRandom()} is called on-demand.
     * </p>
     *
     * @return the singleton instance based on {@link SecureRandom#SecureRandom()}.
     * @see SecureRandom#SecureRandom()
     * @since 3.16.0
     */
    public static RandomStringUtils secure() {
        return SECURE;
    }
    /**
     * Gets the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an algorithms/providers
     * specified in the {@code securerandom.strongAlgorithms} {@link Security} property.
@ -603,10 +623,10 @@ public class RandomStringUtils {
     *
     * @return the singleton instance based on {@link SecureRandom#getInstanceStrong()}.
     * @see SecureRandom#getInstanceStrong()
-     * @since 3.16.0
+     * @since 3.17.0
     */
-    public static RandomStringUtils secure() {
+    public static RandomStringUtils secureStrong() {
-        return SECURE;
+        return SECURE_STRONG;
    }
    private final Supplier<RandomUtils> random;
--- a/src/main/java/org/apache/commons/lang3/RandomUtils.java
+++ b/src/main/java/org/apache/commons/lang3/RandomUtils.java
@ -28,27 +28,33 @@ import org.apache.commons.lang3.exception.UncheckedException;
 /**
 * Supplements the standard {@link Random} class.
 * <p>
- * Use {@link #secure()} to get the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an
+ * Use {@link #secure()} to get the singleton instance based on {@link SecureRandom#SecureRandom()} which uses a secure random number generator (RNG)
- * algorithms/providers specified in the {@code securerandom.strongAlgorithms} {@link Security} property.
+ * implementing the default random number algorithm.
 * </p>
 * <p>
- * Use {@link #insecure()} to get the singleton instance based on {@link ThreadLocalRandom#current()}; <b>which is not
+ * Use {@link #secureStrong()} to get the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an algorithms/providers specified in
- * cryptographically secure</b>.
+ * the {@code securerandom.strongAlgorithms} {@link Security} property.
 * </p>
 * <p>
- * Starting in version 3.15.0, this class uses {@link SecureRandom#getInstanceStrong()} for static methods.
+ * Use {@link #insecure()} to get the singleton instance based on {@link ThreadLocalRandom#current()}; <b>which is not cryptographically secure</b>.
 * </p>
 * <p>
 * Starting in version 3.17.0, the method {@link #secure()} uses {@link SecureRandom#SecureRandom()} instead of {@link SecureRandom#getInstanceStrong()}, and
 * adds {@link #secureStrong()}.
 * </p>
 * <p>
 * Starting in version 3.16.0, this class uses {@link #secure()} for static methods and adds {@link #insecure()}.
 * </p>
 * <p>
- * Before version 3.15.0, this class used {@link ThreadLocalRandom#current()} for static methods, which is not
+ * Starting in version 3.15.0, this class uses {@link SecureRandom#getInstanceStrong()} for static methods.
- * cryptographically secure.
+ * </p>
 * <p>
 * Before version 3.15.0, this class used {@link ThreadLocalRandom#current()} for static methods, which is not cryptographically secure.
 * </p>
 * <p>
 * Please note that the Apache Commons project provides a component dedicated to pseudo-random number generation, namely
- * <a href="https://commons.apache.org/proper/commons-rng/">Commons RNG</a>, that may be a better choice for
+ * <a href="https://commons.apache.org/proper/commons-rng/">Commons RNG</a>, that may be a better choice for applications with more stringent requirements
- * applications with more stringent requirements (performance and/or correctness).
+ * (performance and/or correctness).
 * </p>
 *
 * @see RandomStringUtils
@ -58,6 +64,8 @@ public class RandomUtils {
    private static RandomUtils INSECURE = new RandomUtils(ThreadLocalRandom::current);
    private static RandomUtils SECURE = new RandomUtils(SecureRandom::new);
    private static final Supplier<Random> SECURE_STRONG_SUPPLIER = () -> RandomUtils.SECURE_RANDOM_STRONG.get();
    private static RandomUtils SECURE_STRONG = new RandomUtils(SECURE_STRONG_SUPPLIER);
@ -92,7 +100,7 @@ public class RandomUtils {
     *
     * @return the random boolean
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static boolean nextBoolean() {
@ -105,7 +113,7 @@ public class RandomUtils {
     * @param count the size of the returned array
     * @return the random byte array
     * @throws IllegalArgumentException if {@code count} is negative
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static byte[] nextBytes(final int count) {
@ -118,7 +126,7 @@ public class RandomUtils {
     * @return the random double
     * @see #nextDouble(double, double)
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static double nextDouble() {
@ -133,7 +141,7 @@ public class RandomUtils {
     * @throws IllegalArgumentException if {@code startInclusive > endExclusive} or if {@code startInclusive} is
     *                                  negative
     * @return the random double
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static double nextDouble(final double startInclusive, final double endExclusive) {
@ -146,7 +154,7 @@ public class RandomUtils {
     * @return the random float
     * @see #nextFloat(float, float)
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static float nextFloat() {
@ -161,7 +169,7 @@ public class RandomUtils {
     * @throws IllegalArgumentException if {@code startInclusive > endExclusive} or if {@code startInclusive} is
     *                                  negative
     * @return the random float
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static float nextFloat(final float startInclusive, final float endExclusive) {
@ -174,7 +182,7 @@ public class RandomUtils {
     * @return the random integer
     * @see #nextInt(int, int)
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static int nextInt() {
@ -189,7 +197,7 @@ public class RandomUtils {
     * @throws IllegalArgumentException if {@code startInclusive > endExclusive} or if {@code startInclusive} is
     *                                  negative
     * @return the random integer
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static int nextInt(final int startInclusive, final int endExclusive) {
@ -202,25 +210,13 @@ public class RandomUtils {
     * @return the random long
     * @see #nextLong(long, long)
     * @since 3.5
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static long nextLong() {
        return secure().randomLong();
    }
    /**
     * Generates a {@code long} value between 0 (inclusive) and the specified value (exclusive).
     *
     * @param n Bound on the random number to be returned. Must be positive.
     * @return a random {@code long} value between 0 (inclusive) and {@code n} (exclusive).
     * @deprecated Use {@link #secure()} or {@link #insecure()}.
     */
    @Deprecated
    private static long nextLong(final long n) {
        return secure().randomLong(n);
    }
    /**
     * Generates a random long within the specified range.
     *
@ -229,13 +225,28 @@ public class RandomUtils {
     * @throws IllegalArgumentException if {@code startInclusive > endExclusive} or if {@code startInclusive} is
     *                                  negative
     * @return the random long
-     * @deprecated Use {@link #secure()} or {@link #insecure()}.
+     * @deprecated Use {@link #secure()}, {@link #secureStrong()},or {@link #insecure()}.
     */
    @Deprecated
    public static long nextLong(final long startInclusive, final long endExclusive) {
        return secure().randomLong(startInclusive, endExclusive);
    }
    /**
     * Gets the singleton instance based on {@link SecureRandom#SecureRandom()} which uses an algorithms/providers
     * specified in the {@code securerandom.strongAlgorithms} {@link Security} property.
     * <p>
     * The method {@link SecureRandom#SecureRandom()} is called on-demand.
     * </p>
     *
     * @return the singleton instance based on {@link SecureRandom#SecureRandom()}.
     * @see SecureRandom#SecureRandom()
     * @since 3.16.0
     */
    public static RandomUtils secure() {
        return SECURE;
    }
    /**
     * Gets the singleton instance based on {@link SecureRandom#getInstanceStrong()} which uses an algorithms/providers
     * specified in the {@code securerandom.strongAlgorithms} {@link Security} property.
@ -245,9 +256,9 @@ public class RandomUtils {
     *
     * @return the singleton instance based on {@link SecureRandom#getInstanceStrong()}.
     * @see SecureRandom#getInstanceStrong()
-     * @since 3.16.0
+     * @since 3.17.0
     */
-    public static RandomUtils secure() {
+    public static RandomUtils secureStrong() {
        return SECURE_STRONG;
    }