Info Call to Random API

Description

List of all calls to methods that return pseudo-random values.

Recommendation

Do not seed Random with the current time because that value is more predictable to an attacker than the default seed.

The java.util.Random class must not be used either for security-critical applications or for protecting sensitive data. Use a more secure random number generator, such as the java.security.SecureRandom class.

Technical details

Method g.a.a.d.p.<init>() calling method java.util.Random.<init>()


    public p(g.a.a.d.s p3, g.a.a.b.e p4, g.a.a.d.m p5)
    {
        this.k = p3;
        super(p4, System.currentTimeMillis());
        super.d = p4;
        super.e = p5;
        g.a.a.b.u v4_5 = new byte[16];
        new java.util.Random().nextBytes(v4_5);
        super.f = new String(g.a.a.c.a.a(v4_5));
        super.g = new g.a.a.a.f(new g.a.a.b.u(g.a.a.d.s.b(p3).a(), 0), super.d, new g.a.a.d.o(super, p3));
        return;
    }

Method g.a.a.d.c.<init>() calling method java.util.Random.<init>()


    public c()
    {
        this(new java.util.Random());
        return;
    }

Method e.V.a() calling method java.util.Random.<init>()


    public e.oa a(e.ba p8, e.pa p9)
    {
        e.a.i.h v6 = new e.a.i.h;
        v6(p8, p9, new java.util.Random(), ((long) this.D));
        v6.a(this);
        return v6;
    }

Method com.crashlytics.android.a.B.<init>() calling method java.util.Random.<init>()


    public B(d.a.a.a.a.c.a.a p2, double p3)
    {
        this(p2, p3, new java.util.Random());
        return;
    }

Method com.kayako.sdk.android.k5.messenger.replyboxview.a.<clinit>() calling method java.util.Random.<init>()


    static a()
    {
        com.kayako.sdk.android.k5.messenger.replyboxview.a.a = new java.util.Random().nextInt(2);
        return;
    }

Method com.digitalticks.trade.CommonCode.g.a() calling method java.security.SecureRandom.<init>()


    private static void a()
    {
        Exception v0_1 = new javax.net.ssl.TrustManager[1];
        v0_1[0] = new com.digitalticks.trade.CommonCode.f();
        try {
            javax.net.ssl.SSLContext v1_3 = javax.net.ssl.SSLContext.getInstance("TLS");
            v1_3.init(0, v0_1, new java.security.SecureRandom());
            javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(v1_3.getSocketFactory());
        } catch (Exception v0_3) {
            v0_3.printStackTrace();
        }
        return;
    }

Method c.b.a.d.g.a() calling method java.security.SecureRandom.<init>()


    public static e.U a()
    {
        try {
            Exception v0_1 = new javax.net.ssl.TrustManager[1];
            v0_1[0] = new c.b.a.d.e();
            RuntimeException v1_6 = javax.net.ssl.SSLContext.getInstance("SSL");
            v1_6.init(0, v0_1, new java.security.SecureRandom());
            RuntimeException v1_0 = v1_6.getSocketFactory();
            e.U v3_1 = new e.U();
            v3_1.a(v1_0, ((javax.net.ssl.X509TrustManager) v0_1[0]));
            v3_1.a(new c.b.a.d.f());
            return v3_1;
        } catch (Exception v0_6) {
            throw new RuntimeException(v0_6);
        }
    }