content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java - Issue 624183002: Cleanup: Consolidate initialization of Android's SecureRandom class.

Unified Diff: content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java

Issue 624183002: Cleanup: Consolidate initialization of Android's SecureRandom class. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« base/android/java/src/org/chromium/base/SecureRandomInitializer.java ('K') | « chrome/android/java/src/org/chromium/chrome/browser/WebappAuthenticator.java ('k') | remoting/android/java/src/org/chromium/chromoting/SecureRandomInitializer.java » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java

diff --git a/content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java b/content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java

index 7b1f8ee9fa7336326477eb1ee2c6998adc390446..4125d6689d2136caf984df5ebc6543178d2413b8 100644

--- a/content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java

+++ b/content/public/android/java/src/org/chromium/content/browser/crypto/CipherFactory.java

@@ -8,6 +8,8 @@ import android.os.AsyncTask;

import android.os.Bundle;

import android.util.Log;

+import org.chromium.base.SecureRandomInitializer;

import java.io.IOException;

import java.security.GeneralSecurityException;

import java.security.Key;

@@ -150,9 +152,8 @@ public class CipherFactory {

@Override

public CipherData call() {

// Poll random data to generate initialization parameters for the Cipher.

- byte[] seed, iv;

+ byte[] iv;

try {

- seed = mRandomNumberProvider.getBytes(NUM_BYTES);

Yaron 2014/10/08 18:08:00 Looks like you should update CipherFactoryTest. It

iv = mRandomNumberProvider.getBytes(NUM_BYTES);

} catch (IOException e) {

Log.e(TAG, "Couldn't get generator data.");

@@ -163,20 +164,15 @@ public class CipherFactory {

}

try {

- // Old versions of SecureRandom do not seed themselves as securely as possible.

- // This workaround should suffice until the fixed version is deployed to all

- // users. The seed comes from RandomNumberProvider.getBytes(), which reads

- // from /dev/urandom, which is as good as the platform can get.

- //

- // TODO(palmer): Consider getting rid of this once the updated platform has

- // shipped to everyone. Alternately, leave this in as a defense against other

- // bugs in SecureRandom.

SecureRandom random = SecureRandom.getInstance("SHA1PRNG");

- random.setSeed(seed);

+ SecureRandomInitializer.initialize(random);

KeyGenerator generator = KeyGenerator.getInstance("AES");

generator.init(128, random);

return new CipherData(generator.generateKey(), iv);

+ } catch (IOException e) {

+ Log.e(TAG, "Couldn't get generator data.");

+ return null;

} catch (GeneralSecurityException e) {

Log.e(TAG, "Couldn't get generator instances.");

return null;

@@ -270,4 +266,4 @@ public class CipherFactory {

private CipherFactory() {

mRandomNumberProvider = new ByteArrayGenerator();

}