GT-3640 misc changes per review

Ghidra/Features/GhidraServer/src/main/java/ghidra/server/RepositoryManager.java

@@ -277,10 +277,10 @@ public class RepositoryManager {
 		if (names.length == 0) {
 			log.info("   <none>");
 		}
-		for (String name2 : names) {
-			File f = new File(rootDirFile, NamingUtilities.mangle(name2));
+		for (String name : names) {
+			File f = new File(rootDirFile, NamingUtilities.mangle(name));
 			if (!f.isDirectory()) {
-				log.error("Error while processing repository " + name2 +
+				log.error("Error while processing repository " + name +
 					", directory not found: " + f);
 				continue;
 			}
@@ -288,15 +288,14 @@ public class RepositoryManager {
 				throw new IOException(f.getAbsolutePath() + " can not be written to");
 			}
 			try {
-				Repository rep = new Repository(this, null, f, name2);
-				String name = rep.getName();
+				Repository rep = new Repository(this, null, f, name);
 				repositoryMap.put(name, rep);
 			}
 			catch (UserAccessException e) {
 				// ignore
 			}
 			catch (Exception e) {
-				log.error("Error while processing repository " + name2 + ", " + e.getMessage());
+				log.error("Error while processing repository " + name + ", " + e.getMessage());
 				continue;
 			}
 		}

Ghidra/Features/GhidraServer/src/main/java/ghidra/server/ServerAdmin.java

@@ -130,13 +130,13 @@ public class ServerAdmin implements GhidraLaunchable {
 		int cmdLen = 1;
 		for (; ix < args.length; ix += cmdLen) {
 			boolean queueCmd = true;
-			char[] pwdHash = null;
+			String pwdHash = null;
 			if (UserAdmin.ADD_USER_COMMAND.equals(args[ix])) {  // add user
 				cmdLen = 2;
 				validateSID(args, ix + 1);
 				if (hasOptionalArg(args, ix + 2, UserAdmin.PASSWORD_OPTION)) {
 					++cmdLen;
-					pwdHash = promptForPassword(args[ix + 1]);
+					pwdHash = promptForPasswordAndGetSaltedHash(args[ix + 1]);
 				}
 			}
 			else if (UserAdmin.REMOVE_USER_COMMAND.equals(args[ix])) { // remove user
@@ -148,7 +148,7 @@ public class ServerAdmin implements GhidraLaunchable {
 				validateSID(args, ix + 1);
 				if (hasOptionalArg(args, ix + 2, UserAdmin.PASSWORD_OPTION)) {
 					++cmdLen;
-					pwdHash = promptForPassword(args[ix + 1]);
+					pwdHash = promptForPasswordAndGetSaltedHash(args[ix + 1]);
 				}
 			}
 			else if (UserAdmin.SET_USER_DN_COMMAND.equals(args[ix])) { // set/add user with DN for PKI
@@ -227,7 +227,7 @@ public class ServerAdmin implements GhidraLaunchable {
 		System.out.println();
 	}
 
-	private char[] promptForPassword(String userSID) {
+	private String promptForPasswordAndGetSaltedHash(String userSID) {
 		char[] pwd1 = null;
 		char[] pwd2 = null;
 		try {
@@ -242,7 +242,8 @@ public class ServerAdmin implements GhidraLaunchable {
 				Arrays.fill(pwd1, (char) 0);
 				Arrays.fill(pwd2, (char) 0);
 			}
-			return HashUtilities.getSaltedHash(HashUtilities.SHA256_ALGORITHM, pwd1);
+			char[] saltedHash = HashUtilities.getSaltedHash(HashUtilities.SHA256_ALGORITHM, pwd1);
+			return new String(saltedHash);
 		}
 		catch (IOException e) {
 			System.err.println("Password entry error: " + e.getMessage());
@@ -278,14 +279,18 @@ public class ServerAdmin implements GhidraLaunchable {
 
 				while (true) {
 					c = System.in.read();
-					if (c <= 0 || (Character.isWhitespace((char) c) && c != ' ')) {
+					if (c <= 0 || c == '\n') {
 						break;
 					}
+					if (c == '\r') {
+						continue;
+					}
 					if (password == null) {
 						password = new char[1];
 					}
 					else {
 						char[] newPass = new char[password.length + 1];
+						// copy prior entry into expanded array and clear old array
 						for (int i = 0; i < password.length; i++) {
 							newPass[i] = password[i];
 							password[i] = 0;
@@ -326,8 +331,8 @@ public class ServerAdmin implements GhidraLaunchable {
 	 * @param pwdHash optional password has to append to end of command
 	 */
 	private static void addCommand(ArrayList<String> cmdList, String[] args, int argOffset,
-			int argCnt, char[] pwdHash) {
-		StringBuffer buf = new StringBuffer();
+			int argCnt, String pwdHash) {
+		StringBuilder buf = new StringBuilder();
 		for (int i = 0; i < argCnt; i++) {
 			if (i > 0) {
 				buf.append(' ');

Ghidra/Framework/FileSystem/src/main/java/ghidra/util/HashUtilities.java

@@ -18,7 +18,10 @@ package ghidra.util;
 import java.io.*;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.*;
+import java.util.Arrays;
+import java.util.List;
+
+import generic.random.SecureRandomFactory;
 
 public class HashUtilities {
 
@@ -33,10 +36,8 @@ public class HashUtilities {
 	public static final int SHA256_UNSALTED_HASH_LENGTH = 64;
 	public static final int SHA256_SALTED_HASH_LENGTH = SHA256_UNSALTED_HASH_LENGTH + SALT_LENGTH;
 
-	private static Random random = new Random(System.nanoTime());
-
 	static char getRandomLetterOrDigit() {
-		int val = (random.nextInt() % 62); // 0-9,A-Z,a-z (10+26+26=62)
+		int val = (SecureRandomFactory.getSecureRandom().nextInt() % 62); // 0-9,A-Z,a-z (10+26+26=62)
 		if (val < 0) {
 			val = -val;
 		}