Using AESRandom to generate random strings.

[aruncg]

Hi,

I am using com.google.security.random.AESRandom to generate random strings in an appengine app.  However, it is not working since it is not able to read from /dev/urandom.  I am pasting the error below.  This class was chosen carefully so that there are no crypto-vulnerabilities exposed.  Does anyone know of a workaround to this problem?

Thanks,

Arun.

com.google.security.random.CppSecureRandom seedFromRandFile: Access to seed file /dev/urandom denied
java.security.AccessControlException: access denied (java.io.FilePermission /dev/urandom read)
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:355)
	at java.security.AccessController.checkPermission(AccessController.java:567)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	at com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:56)
	at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
	at java.io.FileInputStream.<init>(FileInputStream.java:133)
	at java.io.FileInputStream.<init>(FileInputStream.java:98)
	at com.google.security.random.CppSecureRandom.seedFromRandFile(CppSecureRandom.java:145)
	at com.google.security.random.CppSecureRandom.seedWithURandomFile(CppSecureRandom.java:164)
	at com.google.security.random.AESRandom.<init>(AESRandom.java:187)
	at com.google.wireless.mobilegw.smstracker.server.AppengineUtil.generateRandomString(AppengineUtil.java:73)
	at com.google.wireless.mobilegw.smstracker.server.AppengineUtil.generateSmsPassword(AppengineUtil.java:58)
	at com.google.wireless.mobilegw.smstracker.server.RegistrationInfoService.register(RegistrationInfoService.java:81)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:616)
	at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_$1.run(Method_.java:165)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.privilegedInvoke(Method_.java:163)
	at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke_(Method_.java:124)
	at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke(Method_.java:43)
	at com.google.web.bindery.requestfactory.server.ReflectiveServiceLayer.invoke(ReflectiveServiceLayer.java:182)
	at com.google.web.bindery.requestfactory.server.ServiceLayerDecorator.invoke(ServiceLayerDecorator.java:111)
	at com.google.web.bindery.requestfactory.server.ServiceLayerDecorator.invoke(ServiceLayerDecorator.java:111)
	at 

[Takashi Matsuo]

Hi Arun,

Can you file an issue on our issue tracker so that other people can
show their interest by staring it, and it will help us to decide
priorities.

Thanks,

-- Takashi

> --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-appengine/-/TGvxU0BIaMYJ.
> To post to this group, send email to google-a...@googlegroups.com.
> To unsubscribe from this group, send email to
> google-appengi...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/google-appengine?hl=en.



--
Takashi Matsuo | Developer Advocate | tma...@google.com