Hi,
I am using com.google.security.random.AESRandom to generate random strings
in an appengine app. However, it is not working since it is not able to
read from /dev/urandom. I am pasting the error below. This class was
chosen carefully so that there are no crypto-vulnerabilities exposed. Does
anyone know of a workaround to this problem?
Thanks,
Arun.
com.google.security.random.CppSecureRandom seedFromRandFile: Access to seed
file /dev/urandom denied
java.security.AccessControlException: access denied (java.io.FilePermission
/dev/urandom read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:355)
at
java.security.AccessController.checkPermission(AccessController.java:567)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at
com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:56)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.FileInputStream.<init>(FileInputStream.java:133)
at java.io.FileInputStream.<init>(FileInputStream.java:98)
at
com.google.security.random.CppSecureRandom.seedFromRandFile(CppSecureRandom.java:145)
at
com.google.security.random.CppSecureRandom.seedWithURandomFile(CppSecureRandom.java:164)
at com.google.security.random.AESRandom.<init>(AESRandom.java:187)
at
com.google.wireless.mobilegw.smstracker.server.AppengineUtil.generateRandomString(AppengineUtil.java:73)
at
com.google.wireless.mobilegw.smstracker.server.AppengineUtil.generateSmsPassword(AppengineUtil.java:58)
at
com.google.wireless.mobilegw.smstracker.server.RegistrationInfoService.register(RegistrationInfoService.java:81)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at
com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_$1.run(Method_.java:165)
at java.security.AccessController.doPrivileged(Native Method)
at
com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.privilegedInvoke(Method_.java:163)
at
com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke_(Method_.java:124)
at
com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke(Method_.java:43)
at
com.google.web.bindery.requestfactory.server.ReflectiveServiceLayer.invoke(ReflectiveServiceLayer.java:182)
at
com.google.web.bindery.requestfactory.server.ServiceLayerDecorator.invoke(ServiceLayerDecorator.java:111)
at
com.google.web.bindery.requestfactory.server.ServiceLayerDecorator.invoke(ServiceLayerDecorator.java:111)
at
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/google-appengine/-/TGvxU0BIaMYJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
