Make random implementation secure (finos#825)

legend-pure-functions/legend-pure-functions-base/legend-pure-runtime-java-extension-compiled-functions-base/src/main/java/org/finos/legend/pure/runtime/java/extension/functions/compiled/FunctionsExtensionCompiled.java

@@ -416,12 +416,6 @@ public List<StringJavaSource> getExtraJavaSources()
                         "    {\n" +
                         "        return FunctionsGen.traceSpan(es, function, operationName, funcToGetTags, tagsCritical, CoreGen.bridge);\n" +
                         "    }\n" +
-                        "\n" +
-                        "    public static Double random()\n" +
-                        "    {\n" +
-                        "        return Math.random();\n" +
-                        "    }" +
-                        "\n" +
                         "}"));
     }
 

legend-pure-functions/legend-pure-functions-base/legend-pure-runtime-java-extension-compiled-functions-base/src/main/java/org/finos/legend/pure/runtime/java/extension/functions/compiled/FunctionsHelper.java

@@ -82,12 +82,12 @@
 import java.net.URLDecoder;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
+import java.security.SecureRandom;
 import java.time.Instant;
 import java.util.Calendar;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.NoSuchElementException;
-import java.util.TimeZone;
 import java.util.UUID;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
@@ -98,8 +98,6 @@
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.function.Consumer;
 
-import static org.finos.legend.pure.runtime.java.compiled.generation.processors.support.CompiledSupport.getPureGeneratedClassName;
-
 public class FunctionsHelper
 {
     // Crypto ----------------------------------------------------------------
@@ -248,8 +246,6 @@ public static double atan2(double input1, double input2, SourceInformation sourc
 
 
     // DATE-TIME --------------------------------------------------------------
-    private static final TimeZone GMT = TimeZone.getTimeZone("GMT");
-
     public static PureDate adjustDate(PureDate date, long number, Enum unit)
     {
         switch (unit._name())
@@ -471,7 +467,7 @@ public static PureDate newDate(long year, SourceInformation sourceInformation)
         }
         catch (Exception e)
         {
-            throw new PureExecutionException(sourceInformation, e.getMessage());
+            throw new PureExecutionException(sourceInformation, e.getMessage(), e);
         }
     }
 
@@ -483,7 +479,7 @@ public static PureDate newDate(long year, long month, SourceInformation sourceIn
         }
         catch (Exception e)
         {
-            throw new PureExecutionException(sourceInformation, e.getMessage());
+            throw new PureExecutionException(sourceInformation, e.getMessage(), e);
         }
     }
 
@@ -495,7 +491,7 @@ public static StrictDate newDate(long year, long month, long day, SourceInformat
         }
         catch (Exception e)
         {
-            throw new PureExecutionException(sourceInformation, e.getMessage());
+            throw new PureExecutionException(sourceInformation, e.getMessage(), e);
         }
     }
 
@@ -762,6 +758,12 @@ public static double toFloat(Number number)
         return number.doubleValue();
     }
 
+    private static final SecureRandom RANDOM = new SecureRandom();
+
+    public static double random()
+    {
+        return RANDOM.nextDouble();
+    }
 
     // MATH --------------------------------------------------------------------
 
@@ -1561,7 +1563,7 @@ public static <T> T mutateAdd(T val, String property, RichIterable<? extends Obj
         }
         catch (NoSuchMethodException e)
         {
-            throw new PureExecutionException(sourceInformation, "Cannot find property '" + property + "' on " + getPureGeneratedClassName(val));
+            throw new PureExecutionException(sourceInformation, "Cannot find property '" + property + "' on " + CompiledSupport.getPureGeneratedClassName(val));
         }
         catch (Exception e)
         {

legend-pure-functions/legend-pure-functions-base/legend-pure-runtime-java-extension-interpreted-functions-base/src/main/java/org/finos/legend/pure/runtime/java/extension/functions/interpreted/natives/math/Random.java

@@ -17,8 +17,6 @@
 import org.eclipse.collections.api.list.ListIterable;
 import org.eclipse.collections.api.map.MutableMap;
 import org.finos.legend.pure.m3.compiler.Context;
-import org.finos.legend.pure.m3.navigation.Instance;
-import org.finos.legend.pure.m3.navigation.M3Properties;
 import org.finos.legend.pure.m3.navigation.ProcessorSupport;
 import org.finos.legend.pure.m4.ModelRepository;
 import org.finos.legend.pure.m4.coreinstance.CoreInstance;
@@ -30,11 +28,13 @@
 import org.finos.legend.pure.runtime.java.interpreted.natives.NumericUtilities;
 import org.finos.legend.pure.runtime.java.interpreted.profiler.Profiler;
 
+import java.security.SecureRandom;
 import java.util.Stack;
 
 public class Random extends NativeFunction
 {
     private final ModelRepository repository;
+    private final SecureRandom random = new SecureRandom();
 
     public Random(FunctionExecutionInterpreted functionExecution, ModelRepository repository)
     {
@@ -44,6 +44,6 @@ public Random(FunctionExecutionInterpreted functionExecution, ModelRepository re
     @Override
     public CoreInstance execute(ListIterable<? extends CoreInstance> params, Stack<MutableMap<String, CoreInstance>> resolvedTypeParameters, Stack<MutableMap<String, CoreInstance>> resolvedMultiplicityParameters, VariableContext variableContext, CoreInstance functionExpressionToUseInStack, Profiler profiler, InstantiationContext instantiationContext, ExecutionSupport executionSupport, Context context, ProcessorSupport processorSupport)
     {
-        return NumericUtilities.toPureNumberValueExpression(Math.random(), false, this.repository, processorSupport);
+        return NumericUtilities.toPureNumberValueExpression(this.random.nextDouble(), false, this.repository, processorSupport);
     }
 }