From a385f2eaef7f1f0600447af641b5d38566a9cd69 Mon Sep 17 00:00:00 2001
From: Sebastian Stenzel <sebastian.stenzel@gmail.com>
Date: Fri, 25 Mar 2016 16:41:30 +0100
Subject: [PATCH] fixes #174

---
 .../cryptomator/crypto/engine/impl/CryptoEngineModule.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptoEngineModule.java b/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptoEngineModule.java
index 7c355a358..fc336c7c1 100644
--- a/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptoEngineModule.java
+++ b/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptoEngineModule.java
@@ -27,7 +27,12 @@ public class CryptoEngineModule {
 	@Provides
 	public SecureRandom provideSecureRandom() {
 		try {
-			return SecureRandom.getInstanceStrong();
+			// https://tersesystems.com/2015/12/17/the-right-way-to-use-securerandom/
+			final SecureRandom nativeRandom = SecureRandom.getInstanceStrong();
+			byte[] seed = nativeRandom.generateSeed(55); // NIST SP800-90A suggests 440 bits for SHA1 seed
+			SecureRandom sha1Random = SecureRandom.getInstance("SHA1PRNG");
+			sha1Random.setSeed(seed);
+			return sha1Random;
 		} catch (NoSuchAlgorithmException e) {
 			throw new IllegalStateException("No strong PRNGs available.", e);
 		}