Sanitizer decryptFile goes into exception "Java platform is required to support a strong SecureRandom"

marcop · July 26, 2018, 8:24pm

I try to decrypt a file with
java -jar sanitizer-0.15.jar decryptFile -vault VAULT_PATH
(# Cryptomator vault sanitizer v0.15 #)

but after entering absolute path of decrypted output I obtain:

Exception in thread "main" java.lang.IllegalStateException: Java platform is required to support a strong SecureRandom.
	at org.cryptomator.sanitizer.CryptorHolder.strongSecureRandom(CryptorHolder.java:99)
	at org.cryptomator.sanitizer.CryptorHolder.bestGuessCryptorProvider(CryptorHolder.java:89)
	at org.cryptomator.sanitizer.restorer.FileDecryptor.decryptFile(FileDecryptor.java:36)
	at org.cryptomator.sanitizer.commands.DecryptFileRunner.run(DecryptFileRunner.java:21)
	at org.cryptomator.sanitizer.commands.DecryptFileCommand.run(DecryptFileCommand.java:79)
	at org.cryptomator.sanitizer.commands.Commands.run(Commands.java:75)
	at org.cryptomator.sanitizer.Sanitizer.main(Sanitizer.java:16)
	at java.util.Optional.ifPresent(java.base@9-internal/Optional.java:162)
	at org.cryptomator.sanitizer.Sanitizer.main(Sanitizer.java:12)
Caused by: java.security.NoSuchAlgorithmException: Null/empty securerandom.strongAlgorithms Security Property
	at java.security.SecureRandom.getInstanceStrong(java.base@9-internal/SecureRandom.java:637)
	at org.cryptomator.sanitizer.CryptorHolder.strongSecureRandom(CryptorHolder.java:97)
	... 8 more

I tried modifying /dev/random with /dev/urandom in /usr/lib/jvm/java-9-openjdk-amd64/lib/security/java.security (Ubuntu 16.04 LTS) but with no success. I also tried haveged daemon but nothing.

Can anyone knows how to fix this issue?
Thanks.

(Marco)

overheadhunter · July 27, 2018, 7:46am

Wow… Exception is thrown on this line.

The contract of getInstanceStrong() says:

Every implementation of the Java platform is required to support at least one strong SecureRandom implementation.

I.e. there must be something wrong with your JDK, either this is a bug in OpenJDK 9 or something modified your securerandom.strongAlgorithms property.

Can you check the contents of the configuration file at $JAVA_HOME/jre/lib/security/java.security, specifically the line containing securerandom.source?

marcop · July 27, 2018, 3:43pm

securerandom.source=file:/dev/random

As I already sayd I tried also with /dev/urandom (and /dev/./urandom) and also with haveged daemon (I don’t know, to say the truth, if this daemon should run for some times to collect entrophy)

Thanks @overheadhunter for your support.

marcop · July 27, 2018, 3:50pm

My system is Ubuntu 16.04 LTS. Obviously if I cannot solve I should try with last LTS (18.04).

Should my old CPU bring to this bug (Intel® Core™2 Duo CPU T5450 @ 1.66GHz with 3333.66 bogomips)??

Thanks

marcop · October 5, 2018, 10:42pm

With java 10.0.2 and Ubuntu 18.04 the problem is fixed.