TO DELETE

[tasbin]

DELETED

[pranaysharma]

Hi I would like to try to fix it ? Could someone advice how to proceed? Do we just need to create a random Byte array?

[designer2k2]

after reading this:
https://medium.com/@tiensinodev/basic-android-encryption-dos-and-don-ts-7bc2cd3335ff
https://stackoverflow.com/questions/31036780/android-cryptography-api-not-generating-safe-iv-for-aes
https://stackoverflow.com/questions/29267435/generating-random-iv-for-aes-in-java

i think maybe something like this should work:

SecureRandom r = new SecureRandom();
byte[] ivBytes = new byte[16];
r.nextBytes(ivBytes);

cipher.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(ivBytes));

but i have no idea how to replace the line51 with the above to keep it safe, so no pull request from my side

[dee12452]

Looks like SecureRandom will work but there's one possible problem with that.
According to the Java docs (https://docs.oracle.com/javase/8/docs/api/java/security/SecureRandom.html) SecureRandom could possibly block the thread that calls .nextBytes(...).
I haven't dived into where the constructor lies for this class but if it's on a thread such as the main UI thread then the solution might not be as simple as a one-liner