From 506d0b17fc2b157d91efe75e914c28d0712e861b Mon Sep 17 00:00:00 2001 From: Emmanuel Gil Peyrot Date: Thu, 17 Jan 2019 23:53:29 +0100 Subject: [PATCH] Switch to rand_os for random bytes. --- sasl/Cargo.toml | 1 + sasl/src/common/scram.rs | 13 ++++++++----- sasl/src/error.rs | 12 ++++++------ 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/sasl/Cargo.toml b/sasl/Cargo.toml index 663b103..9152711 100644 --- a/sasl/Cargo.toml +++ b/sasl/Cargo.toml @@ -20,6 +20,7 @@ scram = ["openssl"] [dependencies] base64 = "0.10" +rand_os = "0.1" sha-1 = "0.8" sha2 = "0.8" hmac = "0.7" diff --git a/sasl/src/common/scram.rs b/sasl/src/common/scram.rs index 6b88e02..681524b 100644 --- a/sasl/src/common/scram.rs +++ b/sasl/src/common/scram.rs @@ -1,8 +1,10 @@ use hmac::{Hmac, Mac}; -use openssl::error::ErrorStack; use openssl::hash::MessageDigest; use openssl::pkcs5::pbkdf2_hmac; -use openssl::rand::rand_bytes; +use rand_os::{ + rand_core::{Error as RngError, RngCore}, + OsRng, +}; use sha1::{Digest, Sha1 as Sha1_hash}; use sha2::Sha256 as Sha256_hash; @@ -13,9 +15,10 @@ use crate::secret; use base64; /// Generate a nonce for SCRAM authentication. -pub fn generate_nonce() -> Result { - let mut data = vec![0; 32]; - rand_bytes(&mut data)?; +pub fn generate_nonce() -> Result { + let mut data = [0u8; 32]; + let mut rng = OsRng::new()?; + rng.fill_bytes(&mut data); Ok(base64::encode(&data)) } diff --git a/sasl/src/error.rs b/sasl/src/error.rs index 6d79df2..b528707 100644 --- a/sasl/src/error.rs +++ b/sasl/src/error.rs @@ -1,19 +1,19 @@ #[cfg(feature = "scram")] -use openssl::error::ErrorStack; +use rand_os::rand_core::Error as RngError; /// A wrapper enum for things that could go wrong in this crate. #[derive(Debug)] pub enum Error { #[cfg(feature = "scram")] - /// An error in OpenSSL. - OpenSslErrorStack(ErrorStack), + /// An error while initializing the Rng. + RngError(RngError), /// An error in a SASL mechanism. SaslError(String), } #[cfg(feature = "scram")] -impl From for Error { - fn from(err: ErrorStack) -> Error { - Error::OpenSslErrorStack(err) +impl From for Error { + fn from(err: RngError) -> Error { + Error::RngError(err) } }