diff options
-rw-r--r-- | CHANGELOG.md | 2 | ||||
-rw-r--r-- | Cargo.toml | 3 | ||||
-rw-r--r-- | src/auth.rs | 5 | ||||
-rw-r--r-- | src/util.rs | 19 |
4 files changed, 23 insertions, 6 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 4969c00..51d2b1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ # Unreleased - Add the `get_production_info` and `clear_new_sd_card_warning` methods to the `Storage` struct. +- Use `rand_os` instead of `rand` for random data creation. + - (Re-)add `CommandError::RngError` variant. # v0.3.2 (2019-01-12) - Make three additional error codes known: `CommandError::StringTooLong`, @@ -19,7 +19,8 @@ test-storage = [] [dependencies] libc = "0.2" nitrokey-sys = "3.4" -rand = "0.6" +rand_core = {version = "0.3", default-features = false} +rand_os = {version = "0.1"} [dev-dependencies] nitrokey-test = {version = "0.1"} diff --git a/src/auth.rs b/src/auth.rs index a129bd8..3280924 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -149,7 +149,10 @@ where A: AuthenticatedDevice<D>, T: Fn(*const i8, *const i8) -> c_int, { - let temp_password = generate_password(TEMPORARY_PASSWORD_LENGTH); + let temp_password = match generate_password(TEMPORARY_PASSWORD_LENGTH) { + Ok(temp_password) => temp_password, + Err(err) => return Err((device, err)), + }; let password = match get_cstring(password) { Ok(password) => password, Err(err) => return Err((device, err)), diff --git a/src/util.rs b/src/util.rs index cb109d0..54062a5 100644 --- a/src/util.rs +++ b/src/util.rs @@ -4,7 +4,8 @@ use std::fmt; use std::os::raw::{c_char, c_int}; use libc::{c_void, free}; -use rand::Rng; +use rand_core::RngCore; +use rand_os::OsRng; /// Error types returned by Nitrokey device or by the library. #[derive(Clone, Copy, Debug, PartialEq)] @@ -44,6 +45,8 @@ pub enum CommandError { InvalidHexString, /// The target buffer was smaller than the source. TargetBufferTooSmall, + /// An error occurred during random number generation. + RngError, } /// Log level for libnitrokey. @@ -106,10 +109,11 @@ pub fn get_last_error() -> CommandError { }; } -pub fn generate_password(length: usize) -> Vec<u8> { +pub fn generate_password(length: usize) -> Result<Vec<u8>, CommandError> { + let mut rng = OsRng::new()?; let mut data = vec![0u8; length]; - rand::thread_rng().fill(&mut data[..]); - return data; + rng.fill_bytes(&mut data[..]); + Ok(data) } pub fn get_cstring<T: Into<Vec<u8>>>(s: T) -> Result<CString, CommandError> { @@ -146,6 +150,7 @@ impl CommandError { "The supplied string is not in hexadecimal format".into() } CommandError::TargetBufferTooSmall => "The target buffer is too small".into(), + CommandError::RngError => "An error occurred during random number generation".into(), } } } @@ -178,6 +183,12 @@ impl From<c_int> for CommandError { } } +impl From<rand_core::Error> for CommandError { + fn from(_error: rand_core::Error) -> Self { + CommandError::RngError + } +} + impl Into<i32> for LogLevel { fn into(self) -> i32 { match self { |