Bug 1350196 - Part 2: Perform PRNGFixes earlier. r=rnewman, r=nalexander, a=lizzard
authorGrigory Kruglov <gkruglov@mozilla.com>
Mon, 27 Mar 2017 18:32:54 -0700
changeset 395530 437ac8a1ad2cdb94ba9b5573da06049855ea4a38
parent 395529 83289c6543562a83e7546d793e75332fa753ed6b
child 395531 99e7962464b774ff1b189576433ebc62146efbb4
reviewersrnewman, nalexander, lizzard
bugs1350196
milestone54.0a2
Bug 1350196 - Part 2: Perform PRNGFixes earlier. r=rnewman, r=nalexander, a=lizzard MozReview-Commit-ID: 18jnRRFhyPq
mobile/android/base/java/org/mozilla/gecko/GeckoApplication.java
mobile/android/services/src/main/java/org/mozilla/gecko/browserid/DSACryptoImplementation.java
--- a/mobile/android/base/java/org/mozilla/gecko/GeckoApplication.java
+++ b/mobile/android/base/java/org/mozilla/gecko/GeckoApplication.java
@@ -27,16 +27,17 @@ import org.mozilla.gecko.media.AudioFocu
 import org.mozilla.gecko.notifications.NotificationClient;
 import org.mozilla.gecko.notifications.NotificationHelper;
 import org.mozilla.gecko.preferences.DistroSharedPrefsImport;
 import org.mozilla.gecko.util.BundleEventListener;
 import org.mozilla.gecko.util.Clipboard;
 import org.mozilla.gecko.util.EventCallback;
 import org.mozilla.gecko.util.GeckoBundle;
 import org.mozilla.gecko.util.HardwareUtils;
+import org.mozilla.gecko.util.PRNGFixes;
 import org.mozilla.gecko.util.ThreadUtils;
 
 import java.io.File;
 import java.lang.reflect.Method;
 
 public class GeckoApplication extends Application
     implements ContextGetter {
     private static final String LOG_TAG = "GeckoApplication";
@@ -141,16 +142,29 @@ public class GeckoApplication extends Ap
         }
 
         mInBackground = false;
     }
 
     @Override
     public void onCreate() {
         Log.i(LOG_TAG, "zerdatime " + SystemClock.uptimeMillis() + " - Fennec application start");
+
+        // PRNG is a pseudorandom number generator.
+        // We need to apply PRNG Fixes before any use of Java Cryptography Architecture.
+        // We make use of various JCA methods in data providers for generating GUIDs, as part of FxA
+        // flow and during syncing. Note that this is a no-op for devices running API>18, and so we
+        // accept the performance penalty on older devices.
+        try {
+            PRNGFixes.apply();
+        } catch (Exception e) {
+            // Not much to be done here: it was weak before, so it's weak now.  Not worth aborting.
+            Log.e(LOG_TAG, "Got exception applying PRNGFixes! Cryptographic data produced on this device may be weak. Ignoring.", e);
+        }
+
         mIsInitialResume = true;
 
         mRefWatcher = LeakCanary.install(this);
 
         final Context context = getApplicationContext();
         GeckoAppShell.setApplicationContext(context);
         HardwareUtils.init(context);
         FilePicker.init(context);
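Review bot: The `catch (Exception e)` around `PRNGFixes.apply()` is broader than the failure it is meant to absorb; if `apply()` declares only `SecurityException` (as the widely used Android PRNG fix does — confirm against this project's PRNGFixes), catching that type keeps real programming errors from being reduced to a log line at application start: `} catch (SecurityException e) {`. The explanatory comment could also state the contract more precisely, e.g. `// Must run before any SecureRandom/JCA use; no-op on API level 19 and above (the fix targets 18 and below), so the cost falls only on old devices.`. onCreate continues past the end of the hunk, so whether any earlier startup code already touches JCA cannot be checked from here.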
--- a/mobile/android/services/src/main/java/org/mozilla/gecko/browserid/DSACryptoImplementation.java
+++ b/mobile/android/services/src/main/java/org/mozilla/gecko/browserid/DSACryptoImplementation.java
@@ -129,23 +129,16 @@ public class DSACryptoImplementation {
     @SuppressLint("TrulyRandom")
     @Override
     public byte[] signMessage(byte[] bytes)
         throws GeneralSecurityException {
       if (bytes == null) {
         throw new IllegalArgumentException("bytes must not be null");
       }
 
-      try {
-        PRNGFixes.apply();
-      } catch (Exception e) {
-        // Not much to be done here: it was weak before, and we couldn't patch it, so it's weak now.  Not worth aborting.
-        Logger.error(LOG_TAG, "Got exception applying PRNGFixes!  Cryptographic data produced on this device may be weak.  Ignoring.", e);
-      }
-
       final Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
       signer.initSign(privateKey);
       signer.update(bytes);
       final byte[] signature = signer.sign();
 
       final byte[][] arrays = ASNUtils.decodeTwoArraysFromASN1(signature);
       BigInteger r = new BigInteger(arrays[0]);
       BigInteger s = new BigInteger(arrays[1]);
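Review bot: With the PRNGFixes call removed, the `@SuppressLint("TrulyRandom")` on signMessage is left without any local justification and nothing in the method tells a reader that the fix is now applied elsewhere; a one-line comment above the `Signature.getInstance` call such as `// PRNGFixes is applied once in GeckoApplication.onCreate(), before any JCA use.` would preserve that context. If DSACryptoImplementation is reachable from code paths that do not go through GeckoApplication (tests or other hosts of the services module), those paths no longer get the fix on old devices — worth confirming. The `PRNGFixes` and `Logger` imports in this file may now be unused; the import block is outside the hunk.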