addrbook key is more secure

2026-01-09 06:33:16 +00:00 · 2014-07-16 17:23:13 -07:00
parent 45adb24d43
commit 162bff99b2
2 changed files with 32 additions and 2 deletions
--- a/common/random.go
+++ b/common/random.go
@@ -1,6 +1,8 @@
 package common

 import (
+	crand "crypto/rand"
+	"encoding/hex"
 	"math/rand"
 )

@@ -8,7 +10,19 @@ const (
 	strChars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" // 62 characters
 )

-// Construts an alphanumeric string of given length.
+func init() {
+	// Seed math/rand with "secure" int64
+	b := RandBytes(8)
+	var seed uint64
+	for i := 0; i < 8; i++ {
+		seed |= uint64(b[i])
+		seed <<= 8
+	}
+	rand.Seed(int64(seed))
+}
+
+// Constructs an alphanumeric string of given length.
+// Not crypto safe
 func RandStr(length int) string {
 	chars := []byte{}
 MAIN_LOOP:
@@ -31,3 +45,19 @@ MAIN_LOOP:

 	return string(chars)
 }
+
+// Crypto safe
+func RandBytes(numBytes int) []byte {
+	b := make([]byte, numBytes)
+	_, err := crand.Read(b)
+	if err != nil {
+		panic(err)
+	}
+	return b
+}
+
+// Crypto safe
+// RandHex(24) gives 96 bits of randomness, strong enough for most purposes.
+func RandHex(numDigits int) string {
+	return hex.EncodeToString(RandBytes(numDigits / 2))
+}
--- a/p2p/addrbook.go
+++ b/p2p/addrbook.go
@@ -106,7 +106,7 @@ func NewAddrBook(filePath string) *AddrBook {

 // When modifying this, don't forget to update loadFromFile()
 func (a *AddrBook) init() {
-	a.key = RandStr(12)
+	a.key = RandHex(24) // 24/2 * 8 = 96 bits
 	// addr -> ka index
 	a.addrLookup = make(map[string]*knownAddress)
 	// New addr buckets