mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 04:02:15 +02:00
require a strong PRNG for session id generation
Since session ids should always be truly random require a cryptographically strong random number generator. Since all places in the codes (besides tests) already pass a strong random source, this is just a formality. Signed-off-by: Heiko Hund <heiko@openvpn.net>
This commit is contained in:
parent
be3f20dc58
commit
e484aceec9
@ -55,7 +55,7 @@ class SessionIDType
|
||||
}
|
||||
|
||||
// Create a random Session ID.
|
||||
explicit SessionIDType(RandomAPI &rng)
|
||||
explicit SessionIDType(StrongRandomAPI &rng)
|
||||
{
|
||||
rng.rand_bytes(u.data, sizeof(u.data));
|
||||
}
|
||||
|
@ -117,7 +117,7 @@ struct SessionID : public SessionID128
|
||||
// dump("default");
|
||||
}
|
||||
|
||||
SessionID(RandomAPI &rng)
|
||||
SessionID(StrongRandomAPI &rng)
|
||||
: SessionID128(rng)
|
||||
{
|
||||
// dump("rng");
|
||||
@ -137,7 +137,7 @@ struct SessionID : public SessionID128
|
||||
class Session
|
||||
{
|
||||
public:
|
||||
Session(RandomAPI &rng)
|
||||
Session(StrongRandomAPI &rng)
|
||||
: sid(rng)
|
||||
{
|
||||
}
|
||||
@ -160,9 +160,9 @@ std::string test(Session *session)
|
||||
|
||||
TEST(sessid, refscope1)
|
||||
{
|
||||
MTRand rng(123456789);
|
||||
Session sess(rng);
|
||||
EXPECT_EQ("Name: myname SessID: DsiRkfGnT1l1WtMoM59SRA..", test(&sess));
|
||||
FakeSecureRand fake_rng(0x42);
|
||||
Session sess(fake_rng);
|
||||
EXPECT_EQ("Name: myname SessID: QkNERUZHSElKS0xNTk9QUQ..", test(&sess));
|
||||
EXPECT_EQ("Name: myname SessID: AAAAAAAAAAAAAAAAAAAAAA..", test(nullptr));
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user