Bug #2998
seed SecureRandom with good random
Status: | Closed | Start date: | 02/24/2014 | |
---|---|---|---|---|
Priority: | Urgent | Due date: | ||
Assignee: | hans | % Done: | 0% | |
Category: | - | |||
Target version: | improved security/usability | |||
Component: |
Description
SecureRandom
needs to be seeded from /dev/random
or /dev/urandom
since the default is broken:
Related issues
Associated revisions
Apply Google PRNG fixes on Application creation.
To address issues with the SecureRandom class being improperly seeded on
some devices1 developers can use a Google provided "fixes" class. This
ensures SecureRandom is seeded with /dev/random and provides
cryptographically secure random numbers.
This patch addresses Bug #2998
[1]
http://android-developers.blogspot.com.au/2013/08/some-securerandom-thoughts.html
History
#1 Updated by pd0x almost 4 years ago
- Status changed from New to Feedback
- Assignee set to hans