2 files changed, 19 insertions, 5 deletions

diff --git a/src/auth.rs b/src/auth.rs
index a129bd8..3280924 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -149,7 +149,10 @@ where
     A: AuthenticatedDevice<D>,
     T: Fn(*const i8, *const i8) -> c_int,
 {
-    let temp_password = generate_password(TEMPORARY_PASSWORD_LENGTH);
+    let temp_password = match generate_password(TEMPORARY_PASSWORD_LENGTH) {
+        Ok(temp_password) => temp_password,
+        Err(err) => return Err((device, err)),
+    };
     let password = match get_cstring(password) {
         Ok(password) => password,
         Err(err) => return Err((device, err)),
diff --git a/src/util.rs b/src/util.rs
index cb109d0..54062a5 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -4,7 +4,8 @@ use std::fmt;
 use std::os::raw::{c_char, c_int};
 
 use libc::{c_void, free};
-use rand::Rng;
+use rand_core::RngCore;
+use rand_os::OsRng;
 
 /// Error types returned by Nitrokey device or by the library.
 #[derive(Clone, Copy, Debug, PartialEq)]
@@ -44,6 +45,8 @@ pub enum CommandError {
     InvalidHexString,
     /// The target buffer was smaller than the source.
     TargetBufferTooSmall,
+    /// An error occurred during random number generation.
+    RngError,
 }
 
 /// Log level for libnitrokey.
@@ -106,10 +109,11 @@ pub fn get_last_error() -> CommandError {
     };
 }
 
-pub fn generate_password(length: usize) -> Vec<u8> {
+pub fn generate_password(length: usize) -> Result<Vec<u8>, CommandError> {
+    let mut rng = OsRng::new()?;
     let mut data = vec![0u8; length];
-    rand::thread_rng().fill(&mut data[..]);
-    return data;
+    rng.fill_bytes(&mut data[..]);
+    Ok(data)
 }
 
 pub fn get_cstring<T: Into<Vec<u8>>>(s: T) -> Result<CString, CommandError> {
@@ -146,6 +150,7 @@ impl CommandError {
                 "The supplied string is not in hexadecimal format".into()
             }
             CommandError::TargetBufferTooSmall => "The target buffer is too small".into(),
+            CommandError::RngError => "An error occurred during random number generation".into(),
         }
     }
 }
@@ -178,6 +183,12 @@ impl From<c_int> for CommandError {
     }
 }
 
+impl From<rand_core::Error> for CommandError {
+    fn from(_error: rand_core::Error) -> Self {
+        CommandError::RngError
+    }
+}
+
 impl Into<i32> for LogLevel {
     fn into(self) -> i32 {
         match self {