From 70cac38ddf6be2afab13258c23514dd5b29fd0e2 Mon Sep 17 00:00:00 2001 From: "sergeyu@chromium.org" Date: Wed, 30 Nov 2011 06:16:26 +0000 Subject: Always generate host secrets of correct length. BUG=105798 TEST=Access code is always 12 digits long. Review URL: http://codereview.chromium.org/8734012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112137 0039d316-1c4b-4281-b951-d872f2087c98 --- remoting/host/host_secret.cc | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'remoting') diff --git a/remoting/host/host_secret.cc b/remoting/host/host_secret.cc index 1ed8622..ebc224b 100644 --- a/remoting/host/host_secret.cc +++ b/remoting/host/host_secret.cc @@ -4,7 +4,7 @@ #include "remoting/host/host_secret.h" -#include +#include #include "base/logging.h" #include "base/rand_util.h" @@ -17,11 +17,12 @@ namespace { // 5 digits means 100K possible host secrets with uniform distribution, which // should be enough for short-term passwords, given that we rate-limit guesses // in the cloud and expire access codes after a small number of attempts. -const int kMaxHostSecret = 100000; +const int kHostSecretLength = 5; +const char kHostSecretAlphabet[] = "0123456789"; // Generates cryptographically strong random number in the range [0, max). int CryptoRandomInt(int max) { - uint64 random_int32; + uint32 random_int32; base::RandBytes(&random_int32, sizeof(random_int32)); return random_int32 % max; } @@ -29,7 +30,13 @@ int CryptoRandomInt(int max) { } // namespace std::string GenerateSupportHostSecret() { - return base::IntToString(CryptoRandomInt(kMaxHostSecret)); + std::string result; + int alphabet_size = strlen(kHostSecretAlphabet); + result.resize(kHostSecretLength); + for (int i = 0; i < kHostSecretLength; ++i) { + result[i] = kHostSecretAlphabet[CryptoRandomInt(alphabet_size)]; + } + return result; } } // namespace remoting -- cgit v1.1