lib/rand: Various minor fixes (#6752)
crypto/rand output is cryptographically secure by the Go library documentation's promise. That, rather than strength (= passes randomness tests) is the property that Syncthing needs).
This commit is contained in:
greatroar
GitHub
parent
cbe0d2fffc
commit
273cc9cef8
|
|
@ -367,7 +367,7 @@ func (i *IndexID) Unmarshal(bs []byte) error {
|
|||
}
|
||||
|
||||
func NewIndexID() IndexID {
|
||||
return IndexID(rand.Int64())
|
||||
return IndexID(rand.Uint64())
|
||||
}
|
||||
|
||||
func (f Folder) Description() string {
|
||||
|
|
|
|||
|
|
@ -21,17 +21,17 @@ var Reader = cryptoRand.Reader
|
|||
const randomCharset = "2345679abcdefghijkmnopqrstuvwxyzACDEFGHJKLMNPQRSTUVWXYZ"
|
||||
|
||||
var (
|
||||
// defaultSecureSource is a concurrency safe math/rand.Source with a
|
||||
// cryptographically sound base.
|
||||
// defaultSecureSource is a concurrency-safe, cryptographically secure
|
||||
// math/rand.Source.
|
||||
defaultSecureSource = newSecureSource()
|
||||
|
||||
// defaultSecureRand is a math/rand.Rand based on the secure source.
|
||||
defaultSecureRand = mathRand.New(defaultSecureSource)
|
||||
)
|
||||
|
||||
// String returns a strongly random string of characters (taken from
|
||||
// randomCharset) of the specified length. The returned string contains ~5.8
|
||||
// bits of entropy per character, due to the character set used.
|
||||
// String returns a cryptographically secure random string of characters
|
||||
// (taken from randomCharset) of the specified length. The returned string
|
||||
// contains ~5.8 bits of entropy per character, due to the character set used.
|
||||
func String(l int) string {
|
||||
bs := make([]byte, l)
|
||||
for i := range bs {
|
||||
|
|
@ -40,18 +40,18 @@ func String(l int) string {
|
|||
return string(bs)
|
||||
}
|
||||
|
||||
// Int63 returns a strongly random int63.
|
||||
// Int63 returns a cryptographically secure random int63.
|
||||
func Int63() int64 {
|
||||
return defaultSecureSource.Int63()
|
||||
}
|
||||
|
||||
// Int64 returns a strongly random int64.
|
||||
func Int64() int64 {
|
||||
return int64(defaultSecureSource.Uint64())
|
||||
// Uint64 returns a cryptographically secure strongly random uint64.
|
||||
func Uint64() uint64 {
|
||||
return defaultSecureSource.Uint64()
|
||||
}
|
||||
|
||||
// Intn returns, as an int, a non-negative strongly random number in [0,n).
|
||||
// It panics if n <= 0.
|
||||
// Intn returns, as an int, a cryptographically secure non-negative
|
||||
// random number in [0,n). It panics if n <= 0.
|
||||
func Intn(n int) int {
|
||||
return defaultSecureRand.Intn(n)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,10 +30,10 @@ func TestRandomString(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestRandomInt64(t *testing.T) {
|
||||
ints := make([]int64, 1000)
|
||||
func TestRandomUint64(t *testing.T) {
|
||||
ints := make([]uint64, 1000)
|
||||
for i := range ints {
|
||||
ints[i] = Int64()
|
||||
ints[i] = Uint64()
|
||||
for j := range ints {
|
||||
if i == j {
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ func NewCertificate(certFile, keyFile, commonName string, lifetimeDays int) (tls
|
|||
// NOTE: update checkExpiry() appropriately if you add or change attributes
|
||||
// in here, especially DNSNames or IPAddresses.
|
||||
template := x509.Certificate{
|
||||
SerialNumber: new(big.Int).SetInt64(rand.Int63()),
|
||||
SerialNumber: new(big.Int).SetUint64(rand.Uint64()),
|
||||
Subject: pkix.Name{
|
||||
CommonName: commonName,
|
||||
},
|
||||
|
|
|
|||
Loading…
Reference in New Issue