From a16d04fccb22106a5c8b2d7d074b7ab94a1dd677 Mon Sep 17 00:00:00 2001 From: bb7133 Date: Tue, 27 Aug 2024 23:21:14 -0700 Subject: [PATCH] pkg/crypto: replace 'math/rand' with 'crypto/rand' (#2455) --- pkg/crypto/rand/rand.go | 55 ++++++++++++++++++++++------------------- pkg/telemetry/meta.go | 2 +- 2 files changed, 30 insertions(+), 27 deletions(-) diff --git a/pkg/crypto/rand/rand.go b/pkg/crypto/rand/rand.go index ebf77edbe6..aad1108dbb 100644 --- a/pkg/crypto/rand/rand.go +++ b/pkg/crypto/rand/rand.go @@ -14,42 +14,45 @@ package rand import ( - cr "crypto/rand" - "encoding/binary" - "fmt" - "math/rand" + "crypto/rand" + "io" + "math/big" ) -var ( - // Reader is a global random number source - Reader *rand.Rand -) +// rand provides a simple wrap of "crypto/rand". -func init() { - src := make([]byte, 8) - if _, err := cr.Read(src); err != nil { - panic(fmt.Sprintf("initial random: %s", err.Error())) - } - seed := binary.BigEndian.Uint64(src) - Reader = rand.New(rand.NewSource(int64(seed))) +// Reader is a global random number source +var Reader io.Reader = &cryptoRandReader{} + +type cryptoRandReader struct{} + +func (c *cryptoRandReader) Read(b []byte) (int, error) { + return rand.Read(b) } -// Int wraps Rand.Int +// Int wraps Int63n func Int() int { - return Reader.Int() + val := Int63n(int64(int(^uint(0) >> 1))) + return int(val) } -// Intn wraps Rand.Intn +// Intn wraps Int63n func Intn(n int) int { - return Reader.Intn(n) + if n <= 0 { + panic("argument to Intn must be positive") + } + val := Int63n(int64(n)) + return int(val) } -// Int63n wraps Rand.Int63n +// Int63n wraps rand.Int func Int63n(n int64) int64 { - return Reader.Int63n(n) -} - -// Read wraps Rand.Read -func Read(b []byte) (int, error) { - return Reader.Read(b) + if n <= 0 { + panic("argument to Int63n must be positive") + } + val, err := rand.Int(rand.Reader, big.NewInt(n)) + if err != nil { + panic(err) + } + return val.Int64() } diff --git a/pkg/telemetry/meta.go b/pkg/telemetry/meta.go index 04228c3b7f..495f21755f 100644 --- a/pkg/telemetry/meta.go +++ b/pkg/telemetry/meta.go @@ -14,13 +14,13 @@ package telemetry import ( + "crypto/rand" "fmt" "os" "path/filepath" "github.com/google/uuid" "github.com/pingcap/errors" - "github.com/pingcap/tiup/pkg/crypto/rand" "github.com/pingcap/tiup/pkg/environment" "github.com/pingcap/tiup/pkg/localdata" "github.com/pingcap/tiup/pkg/utils"