chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java - Issue 624183002: Cleanup: Consolidate initialization of Android's SecureRandom class.

Unified Diff: chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java

Issue 624183002: Cleanup: Consolidate initialization of Android's SecureRandom class. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« base/android/java/src/org/chromium/base/SecureRandomInitializer.java ('K') | « base/android/java/src/org/chromium/base/SecureRandomInitializer.java ('k') | content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java » ('j') | content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java

diff --git a/chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java b/chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java

index f71fa671af9a248a3922d71804a68bebeea65b90..26ce9a33ea8cbeeac8ade29faca8d97b77e9c6fa 100644

--- a/chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java

+++ b/chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java

@@ -8,6 +8,8 @@ import android.content.Context;

import android.os.AsyncTask;

import android.util.Log;

+import org.chromium.base.SecureRandomInitializer;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileOutputStream;

@@ -191,20 +193,7 @@ public class WebappAuthenticator {

public SecretKey call() throws Exception {

KeyGenerator generator = KeyGenerator.getInstance(MAC_ALGORITHM_NAME);

SecureRandom random = SecureRandom.getInstance("SHA1PRNG");

- // Versions of SecureRandom from Android <= 4.3 do not seed themselves as

- // securely as possible. This workaround should suffice until the fixed version

- // is deployed to all users. getRandomBytes, which reads from /dev/urandom,

- // which is as good as the platform can get.

- //

- // TODO(palmer): Consider getting rid of this once the updated platform has

- // shipped to everyone. Alternately, leave this in as a defense against other

- // bugs in SecureRandom.

- byte[] seed = getRandomBytes(MAC_KEY_BYTE_COUNT);

- if (seed == null) {

- return null;

- }

- random.setSeed(seed);

+ SecureRandomInitializer.initialize(random);

generator.init(MAC_KEY_BYTE_COUNT * 8, random);

return generator.generateKey();

}

@@ -213,29 +202,6 @@ public class WebappAuthenticator {

}

- private static byte[] getRandomBytes(int count) {

- FileInputStream fis = null;

- try {

- fis = new FileInputStream("/dev/urandom");

- byte[] bytes = new byte[count];

- if (bytes.length != fis.read(bytes)) {

- return null;

- }

- return bytes;

- } catch (Throwable t) {

- // This causes the ultimate caller, i.e. getMac, to fail.

- return null;

- } finally {

- try {

- if (fis != null) {

- fis.close();

- }

- } catch (IOException e) {

- // Nothing we can do.

- }

/**

* @return A Mac, or null if it is not possible to instantiate one.