Mercurial > 510Connectbot
annotate src/ch/ethz/ssh2/crypto/SecureRandomFix.java @ 374:597138203c15
debug kex error
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Mon, 04 Aug 2014 14:02:00 -0700 |
parents | bb7d8a7babbe |
children |
rev | line source |
---|---|
345
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1 // |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
2 // Copyright (C) 2014 by 510 Software Group |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
3 // licensed under the GPLv3 or later |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
4 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
5 package ch.ethz.ssh2.crypto; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
6 |
346
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
7 import android.os.Build; |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
8 import android.os.Process; |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
9 |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
10 import java.io.ByteArrayOutputStream; |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
11 import java.io.DataOutputStream; |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
12 import java.io.IOException; |
d6ab7b606a50
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
345
diff
changeset
|
13 import java.io.UnsupportedEncodingException; |
345
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
14 import java.security.SecureRandom; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
15 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
16 |
347
bb7d8a7babbe
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
346
diff
changeset
|
17 public class SecureRandomFix extends SecureRandom { |
345
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
18 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
19 // http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
20 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
21 private static final int VERSION_CODE_JELLY_BEAN_MR2 = 18; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
22 private static final byte[] BUILD_FINGERPRINT_AND_DEVICE_SERIAL = |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
23 getBuildFingerprintAndDeviceSerial(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
24 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
25 private static byte[] generateReasonableSeed() { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
26 try { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
27 ByteArrayOutputStream seedBuffer = new ByteArrayOutputStream(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
28 DataOutputStream seedBufferOut = |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
29 new DataOutputStream(seedBuffer); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
30 seedBufferOut.writeLong(System.currentTimeMillis()); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
31 seedBufferOut.writeLong(System.nanoTime()); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
32 seedBufferOut.writeInt(Process.myPid()); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
33 seedBufferOut.writeInt(Process.myUid()); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
34 seedBufferOut.write(BUILD_FINGERPRINT_AND_DEVICE_SERIAL); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
35 seedBufferOut.close(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
36 return seedBuffer.toByteArray(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
37 } catch (IOException e) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
38 throw new SecurityException("Failed to generate seed", e); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
39 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
40 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
41 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
42 /** |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
43 * Gets the hardware serial number of this device. |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
44 * |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
45 * @return serial number or {@code null} if not available. |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
46 */ |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
47 private static String getDeviceSerialNumber() { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
48 // We're using the Reflection API because Build.SERIAL is only available |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
49 // since API Level 9 (Gingerbread, Android 2.3). |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
50 try { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
51 return (String) Build.class.getField("SERIAL").get(null); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
52 } catch (Exception ignored) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
53 return null; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
54 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
55 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
56 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
57 private static byte[] getBuildFingerprintAndDeviceSerial() { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
58 StringBuilder result = new StringBuilder(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
59 String fingerprint = Build.FINGERPRINT; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
60 if (fingerprint != null) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
61 result.append(fingerprint); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
62 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
63 String serial = getDeviceSerialNumber(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
64 if (serial != null) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
65 result.append(serial); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
66 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
67 try { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
68 return result.toString().getBytes("UTF-8"); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
69 } catch (UnsupportedEncodingException e) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
70 throw new RuntimeException("UTF-8 encoding not supported"); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
71 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
72 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
73 |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
74 public SecureRandomFix() { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
75 super(); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
76 if (Build.VERSION.SDK_INT > VERSION_CODE_JELLY_BEAN_MR2) { |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
77 // No need to apply the fix |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
78 return; |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
79 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
80 setSeed(generateReasonableSeed()); |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
81 } |
663637117cf8
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
82 } |