Change generate to be cryptographically secure

/dev/urandom, BCryptGenRandom
2024-07-02 11:57:00 +02:00
parent d5af421932
commit a01cfd8f25
4 changed files with 502 additions and 6 deletions
--- a/source/arg_func.cpp
+++ b/source/arg_func.cpp
@@ -142,7 +142,11 @@ std::optional<LoginInfoPointer> arg_new_password(Buffer &decrypted_buffer, Buffe
 				length = default_length;
 		}

-		generate_password(password, length);
+		if (!generate_password(password, length))
+		{
+			printf("error generating password\n");
+			return {};
+		}
 	}
 	else
 	{
--- a/source/func.cpp
+++ b/source/func.cpp
@@ -1,10 +1,12 @@
-#include <ctime>
 #include <cstring>

 #include "func.hpp"
 #include "glob.hpp"
 #include "buffer.hpp"

+#define CRYPTORAND_IMPLEMENTATION
+#include "cryptorand.hpp"
+
 int find_logininfo_in_buffer(Buffer &buffer, const char *label)
 {
 	Index *index = (Index *)buffer.buffer;
@@ -73,12 +75,26 @@ LoginInfoPointer get_logininfo_pointer_from_buffer(Buffer &buffer, int index_of_
 	return ret;
 }

-void generate_password(std::string &password, int len)
+bool generate_password(std::string &password, int len)
 {
-	srand(time(NULL));
+
+	cryptorand pRNG;
+	cryptorand_result res = cryptorand_init(&pRNG);
+	if (res != CRYPTORAND_SUCCESS)
+		return false;
+
+	int buff;
+
 	char characters[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~!@#$%^&*()_-+={[}]|:;<,>.?";
 	for (int i = 0; i < len; i++)
 	{
-		password += characters[rand() % (sizeof(characters) - 1)];
+		res = cryptorand_generate(&pRNG, &buff, sizeof(buff));
+		if (res != CRYPTORAND_SUCCESS)
+			return false;
+		password += characters[buff % (sizeof(characters) - 1)];
 	}
+
+	cryptorand_uninit(&pRNG);
+
+	return true;
 }