GetInstance() returns a seeded instance. If you want an unseeded instance, you must use the unseeded ctor in which you supply your own generator

1 files changed, 6 insertions, 10 deletions

diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 055162f1f..ef932ee8c 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -46,24 +46,20 @@ namespace Org.BouncyCastle.Security
 		public static SecureRandom GetInstance(
 			string algorithm)
 		{
-			// TODO Compared to JDK, we don't auto-seed if the client forgets - problem?
-
 			// TODO Support all digests more generally, by stripping PRNG and calling DigestUtilities?
 			string drgName = Platform.ToUpperInvariant(algorithm);
 
-			IRandomGenerator drg = null;
 			if (drgName == "SHA1PRNG")
 			{
-				drg = sha1Generator;
+				SecureRandom newPrng = new SecureRandom(sha1Generator);
+				newPrng.SetSeed(GetSeed(20));
+				return newPrng;
 			}
 			else if (drgName == "SHA256PRNG")
 			{
-				drg = sha256Generator;
-			}
-
-			if (drg != null)
-			{
-				return new SecureRandom(drg);
+				SecureRandom newPrng = new SecureRandom(sha256Generator);
+				newPrng.SetSeed(GetSeed(32));
+				return newPrng;
 			}
 
 			throw new ArgumentException("Unrecognised PRNG algorithm: " + algorithm, "algorithm");