webmaster/signal-cli
1
0
Fork 0
mirror of https://github.com/AsamK/signal-cli synced 2025-09-01 20:10:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

replace SecureRandom impl. with best available

Browse source 
Currently `Util.java` uses the SHA1PRNG algorithm by Sun/Oracle
to get randomness for `nextBytes` etc. - from the documentation"

```
** On Solaris, Linux, and OS X, if the entropy gathering device in
java.security is set to file:/dev/urandom or file:/dev/random, then
NativePRNG is preferred to SHA1PRNG. Otherwise, SHA1PRNG is preferred.
```

and:

```
The following algorithms are available in the SUN provider:

[...]

SecureRandom
{
SHA1PRNG (Initial seeding is currently done via a combination of system attributes and the java.security entropy gathering device)
NativePRNG (nextBytes() uses /dev/urandom, generateSeed() uses /dev/random)
NativePRNGBlocking (nextBytes() and generateSeed() use /dev/random)
NativePRNGNonBlocking (nextBytes() and generateSeed() use /dev/urandom)
}
```
via: https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SecureRandomImp

Using `/dev/urandom` (non-blocking, reworked in new linux kernel
releases) also reflects the opinion of many leading cryptographers over
any other solution of PRNGs out there, here's two blog posts to
underline this/my statement:
- https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
- https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/
- https://www.2uo.de/myths-about-urandom

Since we're not re-seeding a lot we're good using a blocking /dev/random
for seed generation (which is thus also more secure) and a faster, newly
re-written implementation of /dev/urandom for random bytes. I think this
is the best choice we have available here.

I did also give a talk on the subject matter, in case you're interested
a year ago: https://www.youtube.com/watch?v=Yx4RroggBzI (including
mentioned changes to Linux's CSPRNG design).
This commit is contained in:
Aaron Zauner 2018-11-04 00:27:18 +01:00
parent 35c00f1b2a
commit 38c87148d7
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/main/java/org/asamk/signal/util/Util.java
View file

@ -21,7 +21,7 @@ public class Util {
private static SecureRandom getSecureRandom() {
try {
return SecureRandom.getInstance("SHA1PRNG");
return SecureRandom.getInstance("NativePRNG");
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
}