diff options
author | Leo Liu <[email protected]> | 2016-06-08 10:15:14 +0800 |
---|---|---|
committer | Leo Liu <[email protected]> | 2016-06-08 10:16:49 +0800 |
commit | a7d5141d13c8944867c9361e544981d9954728c4 (patch) | |
tree | 7bf30ebdab195c052450595b7f4793d30e49e0f5 /src/cow_ws.erl | |
parent | 8645a8f197b186f4e376bcd3753c5b019830dca8 (diff) | |
download | cowlib-a7d5141d13c8944867c9361e544981d9954728c4.tar.gz cowlib-a7d5141d13c8944867c9361e544981d9954728c4.tar.bz2 cowlib-a7d5141d13c8944867c9361e544981d9954728c4.zip |
Fix #39: Prefer crypto:strong_rand_bytes/1
See also https://github.com/erlang/otp/pull/883
Diffstat (limited to 'src/cow_ws.erl')
-rw-r--r-- | src/cow_ws.erl | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/cow_ws.erl b/src/cow_ws.erl index dcc81a5..6551cbc 100644 --- a/src/cow_ws.erl +++ b/src/cow_ws.erl @@ -60,7 +60,7 @@ -spec key() -> binary(). key() -> - base64:encode(crypto:rand_bytes(16)). + base64:encode(crypto:strong_rand_bytes(16)). %% @doc Encode the key into the accept value for the Websocket handshake response. @@ -546,36 +546,36 @@ masked_frame({close, Payload}, Extensions) -> masked_frame({close, StatusCode, Payload}, _) -> Len = 2 + iolist_size(Payload), true = Len =< 125, - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), [<< 1:1, 0:3, 8:4, 1:1, Len:7 >>, MaskKeyBin, mask(iolist_to_binary([<< StatusCode:16 >>, Payload]), MaskKey, <<>>)]; masked_frame({ping, Payload}, _) -> Len = iolist_size(Payload), true = Len =< 125, - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), [<< 1:1, 0:3, 9:4, 1:1, Len:7 >>, MaskKeyBin, mask(iolist_to_binary(Payload), MaskKey, <<>>)]; masked_frame({pong, Payload}, _) -> Len = iolist_size(Payload), true = Len =< 125, - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), [<< 1:1, 0:3, 10:4, 1:1, Len:7 >>, MaskKeyBin, mask(iolist_to_binary(Payload), MaskKey, <<>>)]; %% Data frames, deflate-frame extension. masked_frame({text, Payload}, #{deflate := Deflate, deflate_takeover := TakeOver}) -> - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), Payload2 = mask(deflate_frame(Payload, Deflate, TakeOver), MaskKey, <<>>), Len = payload_length(Payload2), [<< 1:1, 1:1, 0:2, 1:4, 1:1, Len/bits >>, MaskKeyBin, Payload2]; masked_frame({binary, Payload}, #{deflate := Deflate, deflate_takeover := TakeOver}) -> - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), Payload2 = mask(deflate_frame(Payload, Deflate, TakeOver), MaskKey, <<>>), Len = payload_length(Payload2), [<< 1:1, 1:1, 0:2, 2:4, 1:1, Len/bits >>, MaskKeyBin, Payload2]; %% Data frames. masked_frame({text, Payload}, _) -> - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), Len = payload_length(Payload), [<< 1:1, 0:3, 1:4, 1:1, Len/bits >>, MaskKeyBin, mask(iolist_to_binary(Payload), MaskKey, <<>>)]; masked_frame({binary, Payload}, _) -> - MaskKeyBin = << MaskKey:32 >> = crypto:rand_bytes(4), + MaskKeyBin = << MaskKey:32 >> = crypto:strong_rand_bytes(4), Len = payload_length(Payload), [<< 1:1, 0:3, 2:4, 1:1, Len/bits >>, MaskKeyBin, mask(iolist_to_binary(Payload), MaskKey, <<>>)]. |