comparison src/ch/ethz/ssh2/crypto/SecureRandomFix.java @ 345:663637117cf8

compensate for SecureRandom bug on older devices
author Carl Byington <carl@five-ten-sg.com>
date Thu, 31 Jul 2014 18:43:40 -0700
parents
children d6ab7b606a50
comparison
equal deleted inserted replaced
344:b40bc65fa09a 345:663637117cf8
1 //
2 // Copyright (C) 2014 by 510 Software Group
3 // licensed under the GPLv3 or later
4
5 package ch.ethz.ssh2.crypto;
6
7 import java.security.SecureRandom;
8
9
10 class SecureRandomFix extends SecureRandom {
11
12 // http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
13
14 private static final int VERSION_CODE_JELLY_BEAN_MR2 = 18;
15 private static final byte[] BUILD_FINGERPRINT_AND_DEVICE_SERIAL =
16 getBuildFingerprintAndDeviceSerial();
17
18 private static byte[] generateReasonableSeed() {
19 try {
20 ByteArrayOutputStream seedBuffer = new ByteArrayOutputStream();
21 DataOutputStream seedBufferOut =
22 new DataOutputStream(seedBuffer);
23 seedBufferOut.writeLong(System.currentTimeMillis());
24 seedBufferOut.writeLong(System.nanoTime());
25 seedBufferOut.writeInt(Process.myPid());
26 seedBufferOut.writeInt(Process.myUid());
27 seedBufferOut.write(BUILD_FINGERPRINT_AND_DEVICE_SERIAL);
28 seedBufferOut.close();
29 return seedBuffer.toByteArray();
30 } catch (IOException e) {
31 throw new SecurityException("Failed to generate seed", e);
32 }
33 }
34
35 /**
36 * Gets the hardware serial number of this device.
37 *
38 * @return serial number or {@code null} if not available.
39 */
40 private static String getDeviceSerialNumber() {
41 // We're using the Reflection API because Build.SERIAL is only available
42 // since API Level 9 (Gingerbread, Android 2.3).
43 try {
44 return (String) Build.class.getField("SERIAL").get(null);
45 } catch (Exception ignored) {
46 return null;
47 }
48 }
49
50 private static byte[] getBuildFingerprintAndDeviceSerial() {
51 StringBuilder result = new StringBuilder();
52 String fingerprint = Build.FINGERPRINT;
53 if (fingerprint != null) {
54 result.append(fingerprint);
55 }
56 String serial = getDeviceSerialNumber();
57 if (serial != null) {
58 result.append(serial);
59 }
60 try {
61 return result.toString().getBytes("UTF-8");
62 } catch (UnsupportedEncodingException e) {
63 throw new RuntimeException("UTF-8 encoding not supported");
64 }
65 }
66
67 public SecureRandomFix() {
68 super();
69 if (Build.VERSION.SDK_INT > VERSION_CODE_JELLY_BEAN_MR2) {
70 // No need to apply the fix
71 return;
72 }
73 setSeed(generateReasonableSeed());
74 }
75 }