FIX: Replace RAND_bytes with CryptographicRandom::fillBuffer

https://www.openssl.org/docs/man1.1.1/man3/RAND_bytes.html: If the entropy source fails or is not available, the CSPRNG will enter an error state and refuse to generate random bytes. For that reason, it is important to always check the error return value of RAND_bytes() and RAND_priv_bytes() and not take randomness for granted. Also remove unnecessary cast.
author: TredwellGit <tredwell@tutanota.com> 2021-04-03 21:24:28 +0300
committer: TredwellGit <tredwell@tutanota.com> 2021-04-03 21:24:28 +0300
commit: c454f870727d60ef13bb40b5782da24bfbf92d9d (patch)
tree: f1c8c7135d98636a554a0c8fc995d826538f4fc6 /src/murmur/PBKDF2.cpp
parent: e0d005699e7032f661a822226ea16dcb41ca0522 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/src/murmur/PBKDF2.cpp b/src/murmur/PBKDF2.cpp
index e1038b6b2..af41c0c7f 100644
--- a/src/murmur/PBKDF2.cpp
+++ b/src/murmur/PBKDF2.cpp
@@ -45,6 +45,7 @@
 #endif
 
 #include "PBKDF2.h"
+#include "crypto/CryptographicRandom.h"
 
 #include <QtCore/QElapsedTimer>
 #include <QtCore/QLatin1String>
@@ -109,10 +110,7 @@ QString PBKDF2::getHash(const QString &hexSalt, const QString &password, int ite
 QString PBKDF2::getSalt() {
 	QByteArray salt(SALT_LENGTH, 0);
 
-	if (RAND_bytes(reinterpret_cast< unsigned char * >(salt.data()), salt.size()) != 1) {
-		qFatal("PBKDF2: RAND_bytes for salt failed: %s", ERR_error_string(ERR_get_error(), nullptr));
-		return QString();
-	}
+	CryptographicRandom::fillBuffer(salt.data(), salt.size());
 
 	return QString::fromLatin1(salt.toHex());
 }
author	TredwellGit <tredwell@tutanota.com>	2021-04-03 21:24:28 +0300
committer	TredwellGit <tredwell@tutanota.com>	2021-04-03 21:24:28 +0300
commit	c454f870727d60ef13bb40b5782da24bfbf92d9d (patch)
tree	f1c8c7135d98636a554a0c8fc995d826538f4fc6 /src/murmur/PBKDF2.cpp
parent	e0d005699e7032f661a822226ea16dcb41ca0522 (diff)