From 77aa0e51962880c170d924fa735f2268772a0652 Mon Sep 17 00:00:00 2001
From: Daniel Mueller <deso@posteo.net>
Date: Mon, 14 Jan 2019 10:35:52 -0800
Subject: Use rand_os for random data generation

The rand crate comes with a slew of dependencies to cover all sort of
randomness related tasks in various scenarios. However, this crate
really only requires a tiny subset of this functionality. As it turns
out, this core functionality is provided by the rand_os crate.

This change drops the dependency to rand in favor of rand_os. In order
to accomplish that, it brings back the RngError variant for the
CommandError enum to capture the possibility of the creation of the
random number generator failing.
---
 src/auth.rs |  5 ++++-
 src/util.rs | 19 +++++++++++++++----
 2 files changed, 19 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/auth.rs b/src/auth.rs
index a129bd8..3280924 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -149,7 +149,10 @@ where
     A: AuthenticatedDevice<D>,
     T: Fn(*const i8, *const i8) -> c_int,
 {
-    let temp_password = generate_password(TEMPORARY_PASSWORD_LENGTH);
+    let temp_password = match generate_password(TEMPORARY_PASSWORD_LENGTH) {
+        Ok(temp_password) => temp_password,
+        Err(err) => return Err((device, err)),
+    };
     let password = match get_cstring(password) {
         Ok(password) => password,
         Err(err) => return Err((device, err)),
diff --git a/src/util.rs b/src/util.rs
index cb109d0..54062a5 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -4,7 +4,8 @@ use std::fmt;
 use std::os::raw::{c_char, c_int};
 
 use libc::{c_void, free};
-use rand::Rng;
+use rand_core::RngCore;
+use rand_os::OsRng;
 
 /// Error types returned by Nitrokey device or by the library.
 #[derive(Clone, Copy, Debug, PartialEq)]
@@ -44,6 +45,8 @@ pub enum CommandError {
     InvalidHexString,
     /// The target buffer was smaller than the source.
     TargetBufferTooSmall,
+    /// An error occurred during random number generation.
+    RngError,
 }
 
 /// Log level for libnitrokey.
@@ -106,10 +109,11 @@ pub fn get_last_error() -> CommandError {
     };
 }
 
-pub fn generate_password(length: usize) -> Vec<u8> {
+pub fn generate_password(length: usize) -> Result<Vec<u8>, CommandError> {
+    let mut rng = OsRng::new()?;
     let mut data = vec![0u8; length];
-    rand::thread_rng().fill(&mut data[..]);
-    return data;
+    rng.fill_bytes(&mut data[..]);
+    Ok(data)
 }
 
 pub fn get_cstring<T: Into<Vec<u8>>>(s: T) -> Result<CString, CommandError> {
@@ -146,6 +150,7 @@ impl CommandError {
                 "The supplied string is not in hexadecimal format".into()
             }
             CommandError::TargetBufferTooSmall => "The target buffer is too small".into(),
+            CommandError::RngError => "An error occurred during random number generation".into(),
         }
     }
 }
@@ -178,6 +183,12 @@ impl From<c_int> for CommandError {
     }
 }
 
+impl From<rand_core::Error> for CommandError {
+    fn from(_error: rand_core::Error) -> Self {
+        CommandError::RngError
+    }
+}
+
 impl Into<i32> for LogLevel {
     fn into(self) -> i32 {
         match self {
-- 
cgit v1.2.1