Android Chromoting: Initialize SecureRandom generator.

BUG=402732 Review URL: https://codereview.chromium.org/463393002 Cr-Commit-Position: refs/heads/master@{#289519} git-svn-id: svn://svn.chromium.org/chrome/trunk/src@289519 0039d316-1c4b-4281-b951-d872f2087c98

Android Chromoting: Initialize SecureRandom generator.
BUG=402732 Review URL: https://codereview.chromium.org/463393002 Cr-Commit-Position: refs/heads/master@{#289519} git-svn-id: svn://svn.chromium.org/chrome/trunk/src@289519 0039d316-1c4b-4281-b951-d872f2087c98
94b2d8d7 · lambroslambrou@chromium.org · 077f8350 · 94b2d8d7 · 94b2d8d7
Commit 94b2d8d7 authored Aug 14, 2014 by lambroslambrou@chromium.org
2 changed files
--- a/remoting/android/java/src/org/chromium/chromoting/SecureRandomInitializer.java
+++ b/remoting/android/java/src/org/chromium/chromoting/SecureRandomInitializer.java
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+package org.chromium.chromoting;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.SecureRandom;
+/**
+ * This class contains code to initialize a SecureRandom generator securely on Android platforms
+ * <= 4.3. See
+ * {@link http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html}.
+ */
+public class SecureRandomInitializer {
+    private static final int NUM_RANDOM_BYTES = 16;
+    /**
+     * Safely initializes the random number generator, by seeding it with data from /dev/urandom.
+     */
+    public static void initialize(SecureRandom generator) throws IOException {
+        FileInputStream fis = null;
+        try {
+            fis = new FileInputStream("/dev/urandom");
+            byte[] bytes = new byte[NUM_RANDOM_BYTES];
+            if (bytes.length != fis.read(bytes)) {
+                throw new IOException("Failed to get enough random data.");
+            }
+            generator.setSeed(bytes);
+        } finally {
+            try {
+                if (fis != null) {
+                    fis.close();
+                }
+            } catch (IOException e) {
+                // Ignore exception closing the device.
+            }
+        }
+    }
+}
--- a/remoting/android/java/src/org/chromium/chromoting/ThirdPartyTokenFetcher.java
+++ b/remoting/android/java/src/org/chromium/chromoting/ThirdPartyTokenFetcher.java
@@ -4,6 +4,7 @@
 package org.chromium.chromoting;
+import android.annotation.SuppressLint;
 import android.app.Activity;
 import android.content.ActivityNotFoundException;
 import android.content.ComponentName;
@@ -14,6 +15,7 @@ import android.text.TextUtils;
 import android.util.Base64;
 import android.util.Log;
+import java.io.IOException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
@@ -39,7 +41,19 @@ public class ThirdPartyTokenFetcher {
    private static final String RESPONSE_TYPE = "code token";
    /** This is used to securely generate an opaque 128 bit for the |mState| variable. */
-    private static SecureRandom sSecureRandom = new SecureRandom();
+    @SuppressLint("TrulyRandom")
+    private static SecureRandom sSecureRandom;
+    // TODO(lambroslambrou): Refactor this class to only initialize a PRNG when ThirdPartyAuth is
+    // actually used.
+    static {
+        sSecureRandom = new SecureRandom();
+        try {
+            SecureRandomInitializer.initialize(sSecureRandom);
+        } catch (IOException e) {
+            throw new RuntimeException("Failed to initialize PRNG: " + e);
+        }
+    }
    /** This is used to launch the third party login page in the browser. */
    private Activity mContext;