SecureRandom backed by wrong Provider exception

Question

SecureRandom backed by wrong Provider exception

xDragonZ opened this issue 10 years ago · 4 comments

PrngFixes is throwing exception on some devices (collected from crash log) such as

Samsung - GT I9663, GT I9082L, GT S7500, SCH R820
Onda - TM 7043XD
Sony - C5303
Lenovo
and more

Android version: 2.3.4, 2.3.6 | 4.1.1, 4.1.2, 4.2.2

java.lang.SecurityException: new SecureRandom() backed by wrong Provider: class com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes$LinuxPRNGSecureRandomProvider
   at com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes.installLinuxPRNGSecureRandom(AesCbcWithIntegrity.java:764)
   at com.tozny.crypto.android.AesCbcWithIntegrity$PrngFixes.apply(AesCbcWithIntegrity.java:684)
   at com.tozny.crypto.android.AesCbcWithIntegrity.fixPrng(AesCbcWithIntegrity.java:347)
   at com.tozny.crypto.android.AesCbcWithIntegrity.generateKeyFromPassword(AesCbcWithIntegrity.java:184)
   at com.tozny.crypto.android.AesCbcWithIntegrity.generateKeyFromPassword(AesCbcWithIntegrity.java:234)

Answer 1 · 2015-08-13T00:39:57.000Z

Do you have the latest version of the library? There was a bug in Google's PRNG fix that we believe is addressed now in our version here:
https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java#L606

Some details are here:
#11

thanks,

Isaac

Answer 2 · 2015-08-24T13:48:50.000Z

Yes, I'm using the latest library.

Answer 3 · 2015-09-15T20:36:07.000Z

xDragonZ,

Do you know if this happens when you set the ALLOW_BROKEN_PRNG flag to True?

thanks,

isaac

Answer 4 · 2015-09-15T21:08:32.000Z

If I not mistaken the issue has been resolved after I set to "true"