Commit c60ba130 authored by Xavier Guimard's avatar Xavier Guimard

Replace rand() by Crypt::URandom::urandom()

parent 01ba3b6e
......@@ -14,6 +14,7 @@ Build-Depends-Indep: libapache-session-perl,
libconvert-pem-perl,
libcrypt-openssl-rsa-perl,
libcrypt-openssl-x509-perl,
libcrypt-urandom-perl,
libcrypt-rijndael-perl,
libdbd-sqlite3-perl,
libdbi-perl,
......@@ -195,6 +196,7 @@ Depends: ${misc:Depends},
libconfig-inifiles-perl,
libcrypt-openssl-rsa-perl,
libcrypt-openssl-x509-perl,
libcrypt-urandom-perl,
libcrypt-rijndael-perl,
libhtml-template-perl,
libjson-perl,
......
......@@ -33,6 +33,7 @@ WriteMakefile(
'Apache::Session::Browseable' => 0,
'Convert::Base32' => 0,
'Cookie::Baker::XS' => 0,
'Crypt::URandom' => 0,
'DBI' => 0,
'Net::LDAP' => 0,
'SOAP::Lite' => 0,
......
......@@ -9,6 +9,7 @@
package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
use strict;
use Crypt::URandom;
use Digest::SHA qw(sha256 sha256_hex sha256_base64);
our $VERSION = '2.0.0';
......@@ -23,7 +24,9 @@ sub generate {
$session->{data}->{_session_id} = substr(
Digest::SHA::sha256_hex(
Digest::SHA::sha256_hex( time() . {} . rand() . $$ )
Digest::SHA::sha256_hex(
time() . {} . Crypt::URandom::urandom($length) . $$
)
),
0, $length
);
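Review bot: The bytes from `Crypt::URandom::urandom($length)` are still concatenated with `time() . {} . $$` and hashed twice, which adds nothing once a CSPRNG supplies the entropy and keeps the identifier capped at the 64 hex characters sha256_hex returns, whatever `$length` is. Hex-encoding the bytes directly, e.g. `substr( unpack( 'H*', Crypt::URandom::urandom( int( ( $length + 1 ) / 2 ) ) ), 0, $length )`, would be easier to audit. `$length` is assigned outside this hunk; urandom() croaks when its argument is missing or not an integer, so that value should be validated before the call if it can come from configuration.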
......
......@@ -5,7 +5,8 @@ package Lemonldap::NG::Common::TOTP;
use strict;
use Mouse;
use Convert::Base32 'decode_base32';
use Convert::Base32 qw(decode_base32 encode_base32);
use Crypt::URandom;
use Digest::HMAC_SHA1 'hmac_sha1_hex';
our $VERSION = '2.0.0';
......@@ -47,8 +48,7 @@ sub _code {
# Simply generate new base32 secret
sub newSecret {
my ($self) = @_;
my @chars = ( 'a' .. 'z', 2 .. 7 );
return join( '', @chars[ map { int( rand(32) ) } 1 .. 32 ] );
return encode_base32( Crypt::URandom::urandom(20) );
}
1;
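Review bot: The comment above newSecret no longer says enough to check the secret size: `urandom(20)` is 160 bits, which base32-encodes to exactly 32 characters with no padding, the same length the removed code produced. I would replace the comment with `# Generate a new base32 secret: 20 bytes (160 bits) from the OS CSPRNG, 32 characters` so the constant 20 is not changed later without noticing the length contract.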
package Lemonldap::NG::Manager::Cli;
use strict;
use Crypt::URandom;
use Mouse;
use Data::Dumper;
use Lemonldap::NG::Common::Conf::ReConstants;
......@@ -254,8 +255,9 @@ sub _save {
$new->{cfgDate} = time;
$new->{cfgVersion} = $VERSION;
$new->{cfgLog} = '';
$new->{key} ||=
join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. 16 ) );
$new->{key} ||= join( '',
map { chr( int( ord( Crypt::URandom::urandom(1) ) * 94 / 256 ) + 33 ) }
( 1 .. 16 ) );
my $s = $self->mgr->confAcc->saveConf( $new, %$saveParams );
if ( $s > 0 ) {
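Review bot: The scaling `int( ord( Crypt::URandom::urandom(1) ) * 94 / 256 ) + 33` in `_save` does not give a uniform key: 256 byte values cannot be spread evenly over 94 characters, so 68 of them are picked with probability 3/256 and the other 26 with 2/256. The loss is small but avoidable with rejection sampling, which also lets one urandom() call replace sixteen. The identical expression is added in scanTree in Lemonldap::NG::Manager::Conf::Parser, so a shared helper would keep the two in step. `_save` starts and ends outside this hunk.

```perl
# … unchanged: cfgDate / cfgVersion / cfgLog assignments …
unless ( $new->{key} ) {
    my $key = '';
    while ( length($key) < 16 ) {

        # Keep only bytes below 188 (2 * 94) so every character is equally likely
        for my $byte ( unpack( 'C*', Crypt::URandom::urandom(32) ) ) {
            next if $byte >= 188;
            $key .= chr( 33 + $byte % 94 );
            last if length($key) == 16;
        }
    }
    $new->{key} = $key;
}
```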
......
......@@ -20,6 +20,7 @@ package Lemonldap::NG::Manager::Conf::Parser;
use strict;
use utf8;
use Crypt::URandom;
use Mouse;
use JSON 'to_json';
use Lemonldap::NG::Common::Conf::ReConstants;
......@@ -130,8 +131,9 @@ sub scanTree {
$self->newConf->{cfgAuthorIP} = $self->req->address;
$self->newConf->{cfgDate} = time;
$self->newConf->{cfgVersion} = $VERSION;
$self->newConf->{key} ||=
join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. 16 ) );
$self->newConf->{key} ||= join( '',
map { chr( int( ord( Crypt::URandom::urandom(1) ) * 94 / 256 ) + 33 ) }
( 1 .. 16 ) );
return 1;
}
......
......@@ -3,6 +3,7 @@ package Lemonldap::NG::Portal::Lib::OneTimeToken;
use strict;
use Mouse;
use JSON qw(from_json to_json);
use Crypt::URandom;
our $VERSION = '2.0.0';
......@@ -63,7 +64,8 @@ sub createToken {
$infos->{_type} ||= "token";
if ( $self->cache ) {
my $id = $infos->{_utime} . '_' . int( rand(10000) );
my $id =
$infos->{_utime} . '_' . unpack( 's', Crypt::URandom::urandom(2) );
# Dereference $infos
my %h = %$infos;
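Review bot: The cache id in createToken still has only 16 random bits after a timestamp, so if this id is the token value later presented by the client, it stays within reach of guessing; `unpack( 's', ... )` is also a signed short, so the suffix can be negative and put a `-` in the id. Drawing 16 bytes and hex-encoding them fixes both: `my $id = $infos->{_utime} . '_' . unpack( 'H*', Crypt::URandom::urandom(16) );`. createToken continues outside the hunk, so check that nothing there or in the code that reads the token parses the suffix as a number.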
......