From 23c3db28efe9c6202c438bd0dc7fb27f9f6e782e Mon Sep 17 00:00:00 2001
From: Tim203 <mctim203@gmail.com>
Date: Sat, 3 Apr 2021 19:49:44 +0200
Subject: [PATCH] Another attempt to fix key generation

---
 .../geysermc/floodgate/crypto/AesKeyProducer.java    | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/common/src/main/java/org/geysermc/floodgate/crypto/AesKeyProducer.java b/common/src/main/java/org/geysermc/floodgate/crypto/AesKeyProducer.java
index 59080c195..faec0ad10 100644
--- a/common/src/main/java/org/geysermc/floodgate/crypto/AesKeyProducer.java
+++ b/common/src/main/java/org/geysermc/floodgate/crypto/AesKeyProducer.java
@@ -31,7 +31,6 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
-import java.util.Locale;
 
 public final class AesKeyProducer implements KeyProducer {
     public static int KEY_SIZE = 128;
@@ -58,11 +57,18 @@ public final class AesKeyProducer implements KeyProducer {
 
     private SecureRandom getSecureRandom() throws NoSuchAlgorithmException {
         // use Windows-PRNG for windows (default impl is SHA1PRNG)
-        // default impl for unix-like systems is NativePRNG.
         if (System.getProperty("os.name").startsWith("Windows")) {
             return SecureRandom.getInstance("Windows-PRNG");
         } else {
-            return new SecureRandom();
+            try {
+                // NativePRNG (which should be the default on unix-systems) can still block your
+                // system. Even though it isn't as bad as NativePRNGBlocking, we still try to
+                // prevent that if possible
+                return SecureRandom.getInstance("NativePRNGNonBlocking");
+            } catch (NoSuchAlgorithmException ignored) {
+                // at this point we just have to go with the default impl even if it blocks
+                return new SecureRandom();
+            }
         }
     }
 }