Android Chromoting: Initialize SecureRandom generator.

remoting/android/java/src/org/chromium/chromoting/ThirdPartyTokenFetcher.java

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chromoting;
 
+import android.annotation.SuppressLint;
 import android.app.Activity;
 import android.content.ActivityNotFoundException;
 import android.content.ComponentName;
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.net.Uri;
 import android.text.TextUtils;
 import android.util.Base64;
 import android.util.Log;
 
+import java.io.FileInputStream;
+import java.io.IOException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
 
 /**
  * This class is responsible for fetching a third party token from the user using the OAuth2
  * implicit flow.  It directs the user to a third party login page located at |tokenUrl|.  It relies
  * on the |ThirdPartyTokenFetcher$OAuthRedirectActivity| to intercept the access token from the
  * redirect at intent://|REDIRECT_URI_PATH|#Intent;...end; upon successful login.
  */
 public class ThirdPartyTokenFetcher {
     /** Callback for receiving the token. */
     public interface Callback {
         void onTokenFetched(String code, String accessToken);
     }
 
     /** The path of the Redirect URI. */
     private static final String REDIRECT_URI_PATH = "/oauthredirect/";
 
     /**
      * Request both the authorization code and access token from the server.  See
      * http://tools.ietf.org/html/rfc6749#section-3.1.1.
      */
     private static final String RESPONSE_TYPE = "code token";
 
+    /** Used to initialize the random number generator. */
+    private static final int NUM_RANDOM_BYTES = 16;
+
     /** This is used to securely generate an opaque 128 bit for the |mState| variable. */
-    private static SecureRandom sSecureRandom = new SecureRandom();
+    @SuppressLint("TrulyRandom")
+    private static SecureRandom sSecureRandom;
+
+    static {
+        // Versions of SecureRandom from Android <= 4.3 do not seed themselves as
+        // securely as possible. This workaround should suffice until the fixed version
+        // is deployed to all users. It reads random data from /dev/urandom, which is as good as
+        // the platform can get.
+        sSecureRandom = new SecureRandom();
+        sSecureRandom.setSeed(getRandomBytes(NUM_RANDOM_BYTES));

[kelvinp, 2014/08/13 02:33:26]

As discussed, maybe it is better to move the initialization to a static
singleton instead of a static block so that we only crash when the user tries
third party auth instead of during launch.

[Lambros, 2014/08/13 23:48:51]

Discussed offline. The refactoring to do this is non-trivial so I've added a
TODO and will file a bug for this.

+    }
 
     /** This is used to launch the third party login page in the browser. */
     private Activity mContext;
 
     /**
      * An opaque value used by the client to maintain state between the request and callback.  The
      * authorization server includes this value when redirecting the user-agent back to the client.
      * The parameter is used for preventing cross-site request forgery. See
      * http://tools.ietf.org/html/rfc6749#section-10.12.
      */
     private final String mState;
 
     private final Callback mCallback;
 
     /** The list of TokenUrls allowed by the domain. */
     private final ArrayList<String> mTokenUrlPatterns;
 
     private final String mRedirectUriScheme;
 
     private final String mRedirectUri;
 
+    private static byte[] getRandomBytes(int numBytes) {
+        FileInputStream fis = null;
+        try {
+            fis = new FileInputStream("/dev/urandom");
+            byte[] bytes = new byte[numBytes];
+            if (bytes.length != fis.read(bytes)) {
+                throw new SecurityException("Failed to get enough random data.");
+            }
+            return bytes;
+        } catch (IOException e) {
+            throw new SecurityException("Error reading random data.");
+        } finally {
+            try {
+                if (fis != null) {
+                    fis.close();
+                }
+            } catch (IOException e) {
+                // Ignore exception closing the device.
+            }
+        }
+    }
+
     public ThirdPartyTokenFetcher(Activity context,
                                   ArrayList<String> tokenUrlPatterns,
                                   Callback callback) {
         this.mContext = context;
         this.mState = generateXsrfToken();
         this.mCallback = callback;
         this.mTokenUrlPatterns = tokenUrlPatterns;
 
         this.mRedirectUriScheme = context.getApplicationContext().getPackageName();
 
@@ skipping 144 matching lines @@
             ComponentName component = new ComponentName(
                     context.getApplicationContext(),
                     ThirdPartyTokenFetcher.OAuthRedirectActivity.class);
             context.getPackageManager().setComponentEnabledSetting(
                     component,
                     enabledState,
                     PackageManager.DONT_KILL_APP);
         }
     }
 }