2014-12-07 16:41:24 +01:00
|
|
|
// Copyright (C) 2014 The Syncthing Authors.
|
|
|
|
//
|
2015-03-07 21:36:35 +01:00
|
|
|
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
|
|
// You can obtain one at http://mozilla.org/MPL/2.0/.
|
2014-12-07 16:41:24 +01:00
|
|
|
|
2016-05-26 07:02:56 +00:00
|
|
|
// Package rand implements functions similar to math/rand in the standard
|
|
|
|
// library, but on top of a secure random number generator.
|
|
|
|
package rand
|
2014-12-07 16:41:24 +01:00
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/md5"
|
|
|
|
cryptoRand "crypto/rand"
|
|
|
|
"encoding/binary"
|
2014-12-08 19:36:08 +01:00
|
|
|
"io"
|
2014-12-07 16:41:24 +01:00
|
|
|
mathRand "math/rand"
|
|
|
|
)
|
|
|
|
|
2016-05-26 07:02:56 +00:00
|
|
|
// Reader is the standard crypto/rand.Reader, re-exported for convenience
|
|
|
|
var Reader = cryptoRand.Reader
|
|
|
|
|
2014-12-07 16:41:24 +01:00
|
|
|
// randomCharset contains the characters that can make up a randomString().
|
2016-05-09 09:43:40 +00:00
|
|
|
const randomCharset = "2345679abcdefghijkmnopqrstuvwxyzACDEFGHJKLMNPQRSTUVWXYZ"
|
2014-12-07 16:41:24 +01:00
|
|
|
|
2016-05-25 06:38:38 +00:00
|
|
|
var (
|
|
|
|
// defaultSecureSource is a concurrency safe math/rand.Source with a
|
|
|
|
// cryptographically sound base.
|
|
|
|
defaltSecureSource = newSecureSource()
|
|
|
|
|
|
|
|
// defaultSecureRand is a math/rand.Rand based on the secure source.
|
|
|
|
defaultSecureRand = mathRand.New(defaltSecureSource)
|
|
|
|
)
|
|
|
|
|
2016-05-26 07:02:56 +00:00
|
|
|
// String returns a strongly random string of characters (taken from
|
2016-05-25 06:38:38 +00:00
|
|
|
// randomCharset) of the specified length. The returned string contains ~5.8
|
|
|
|
// bits of entropy per character, due to the character set used.
|
2016-05-26 07:02:56 +00:00
|
|
|
func String(l int) string {
|
2014-12-07 16:41:24 +01:00
|
|
|
bs := make([]byte, l)
|
|
|
|
for i := range bs {
|
2016-05-25 06:38:38 +00:00
|
|
|
bs[i] = randomCharset[defaultSecureRand.Intn(len(randomCharset))]
|
2014-12-07 16:41:24 +01:00
|
|
|
}
|
|
|
|
return string(bs)
|
|
|
|
}
|
|
|
|
|
2016-05-26 07:02:56 +00:00
|
|
|
// Int63 returns a strongly random int63
|
|
|
|
func Int63() int64 {
|
|
|
|
return defaltSecureSource.Int63()
|
|
|
|
}
|
|
|
|
|
|
|
|
// Int64 returns a strongly random int64
|
|
|
|
func Int64() int64 {
|
2014-12-07 16:41:24 +01:00
|
|
|
var bs [8]byte
|
2014-12-08 19:40:38 +01:00
|
|
|
_, err := io.ReadFull(cryptoRand.Reader, bs[:])
|
|
|
|
if err != nil {
|
|
|
|
panic("randomness failure: " + err.Error())
|
2014-12-07 16:41:24 +01:00
|
|
|
}
|
2016-05-26 07:02:56 +00:00
|
|
|
return int64(binary.BigEndian.Uint64(bs[:]))
|
|
|
|
}
|
|
|
|
|
|
|
|
// Intn returns, as an int, a non-negative strongly random number in [0,n).
|
|
|
|
// It panics if n <= 0.
|
|
|
|
func Intn(n int) int {
|
|
|
|
return defaultSecureRand.Intn(n)
|
2014-12-07 16:41:24 +01:00
|
|
|
}
|
|
|
|
|
2016-03-25 07:35:18 +00:00
|
|
|
// SeedFromBytes calculates a weak 64 bit hash from the given byte slice,
|
2014-12-07 16:41:24 +01:00
|
|
|
// suitable for use a predictable random seed.
|
2016-03-25 07:35:18 +00:00
|
|
|
func SeedFromBytes(bs []byte) int64 {
|
2014-12-07 16:41:24 +01:00
|
|
|
h := md5.New()
|
|
|
|
h.Write(bs)
|
|
|
|
s := h.Sum(nil)
|
|
|
|
// The MD5 hash of the byte slice is 16 bytes long. We interpret it as two
|
|
|
|
// uint64s and XOR them together.
|
|
|
|
return int64(binary.BigEndian.Uint64(s[0:]) ^ binary.BigEndian.Uint64(s[8:]))
|
|
|
|
}
|