LinuxSecureRandom: do a few more sanity tests on /dev/urandom.

Nobody has ever heard of an Android device that doesn't have a working /dev/urandom and if one doesn't exist we can't do anything useful anyway, so this patch should be a no-op. It isn't a response to any problem report, but the blockchain.info RNG failure caused us to look at this code again and spot ways it could be more conservative.
2025-07-31 20:11:23 +00:00 · 2015-05-29 13:50:55 +02:00
parent 3588fa085c
commit f64e98ef0a
1 changed files with 17 additions and 24 deletions
--- a/core/src/main/java/org/bitcoinj/crypto/LinuxSecureRandom.java
+++ b/core/src/main/java/org/bitcoinj/crypto/LinuxSecureRandom.java
@@ -16,17 +16,10 @@

 package org.bitcoinj.crypto;

-import java.io.DataInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.Provider;
-import java.security.SecureRandomSpi;
-import java.security.Security;
+import org.slf4j.*;

-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.io.*;
+import java.security.*;

 /**
 * A SecureRandom implementation that is able to override the standard JVM provided implementation, and which simply
@@ -49,23 +42,23 @@ public class LinuxSecureRandom extends SecureRandomSpi {
    static {
        try {
            File file = new File("/dev/urandom");
-            if (file.exists()) {
-                // This stream is deliberately leaked.
-                urandom = new FileInputStream(file);
-                // Now override the default SecureRandom implementation with this one.
-                int position = Security.insertProviderAt(new LinuxSecureRandomProvider(), 1);
+            // This stream is deliberately leaked.
+            urandom = new FileInputStream(file);
+            if (urandom.read() == -1)
+                throw new RuntimeException("/dev/urandom not readable?");
+            // Now override the default SecureRandom implementation with this one.
+            int position = Security.insertProviderAt(new LinuxSecureRandomProvider(), 1);

-                if (position != -1)
-                    log.info("Secure randomness will be read from {} only.", file);
-                else
-                    log.info("Randomness is already secure.");
-            } else {
-                urandom = null;
-
-                log.info("Does not exist: {}", file);
-            }
+            if (position != -1)
+                log.info("Secure randomness will be read from {} only.", file);
+            else
+                log.info("Randomness is already secure.");
        } catch (FileNotFoundException e) {
            // Should never happen.
+            log.error("/dev/urandom does not appear to exist or is not openable");
+            throw new RuntimeException(e);
+        } catch (IOException e) {
+            log.error("/dev/urandom does not appear to be readable");
            throw new RuntimeException(e);
        }
    }