Make random value generation safer

Panic on short reads and other errors.

Make random value generation safer
3640a003 · ale · e124bf26 · 3640a003 · 3640a003 · 3640a003
Commit 3640a003 authored 7 years ago by ale
--- a/httpsso/handler.go
+++ b/httpsso/handler.go
 package httpsso

 import (
+	"crypto/rand"
 	"encoding/gob"
 	"encoding/hex"
 	"io"
-	"math/rand"
+	"log"
 	"net/http"
 	"net/url"
 	"strings"
@@ -95,6 +96,7 @@ func (s *SSOWrapper) handleLogin(w http.ResponseWriter, req *http.Request, sessi
 	// Pop the nonce from the session.
 	nonce, ok := session.Values["nonce"].(string)
 	if !ok || nonce == "" {
+		log.Printf("got login request without nonce")
 		http.Error(w, "Missing nonce", http.StatusBadRequest)
 		return
 	}
@@ -102,6 +104,7 @@ func (s *SSOWrapper) handleLogin(w http.ResponseWriter, req *http.Request, sessi

 	tkt, err := s.v.Validate(t, nonce, service, groups)
 	if err != nil {
+		log.Printf("validation error for token %s: %v", t, err)
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
@@ -171,7 +174,7 @@ func getFullURL(req *http.Request, scheme string) *url.URL {

 func makeUniqueNonce() string {
 	var b [8]byte
-	if _, err := rand.Read(b[:]); err != nil {
+	if _, err := io.ReadFull(rand.Reader, b[:]); err != nil {
 		panic(err)
 	}
 	return hex.EncodeToString(b[:])

--- a/saml/saml.go
+++ b/saml/saml.go
@@ -8,6 +8,7 @@ import (
 	"encoding/xml"
 	"errors"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"net/http"
 	"net/url"
@@ -208,7 +209,7 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {

 func randomBytes(n int) []byte {
 	b := make([]byte, n)
-	if _, err := rand.Read(b); err != nil {
+	if _, err := io.ReadFull(rand.Reader, b[:]); err != nil {
 		panic(err)
 	}
 	return b

--- a/server/device/manager.go
+++ b/server/device/manager.go
@@ -3,6 +3,7 @@ package device
 import (
 	"crypto/rand"
 	"encoding/hex"
+	"io"
 	"log"
 	"net"
 	"net/http"
@@ -15,7 +16,9 @@ import (

 func randomDeviceID() string {
 	b := make([]byte, 8)
-	rand.Read(b)
+	if _, err := io.ReadFull(rand.Reader, b[:]); err != nil {
+		panic(err)
+	}
 	return hex.EncodeToString(b)
 }


--- a/server/service_test.go
+++ b/server/service_test.go
 package server

 import (
-	"crypto/rand"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -12,7 +11,7 @@ import (
 )

 func testConfig(t testing.TB, tmpdir string) *Config {
-	pub, priv, err := ed25519.GenerateKey(rand.Reader)
+	pub, priv, err := ed25519.GenerateKey(nil)
 	if err != nil {
 		t.Fatal(err)
 	}

--- a/sso_test.go
+++ b/sso_test.go
 package sso

 import (
-	"crypto/rand"
 	"testing"
 	"time"

@@ -9,7 +8,7 @@ import (
 )

 func TestEd25519(t *testing.T) {
-	pub, priv, err := ed25519.GenerateKey(rand.Reader)
+	pub, priv, err := ed25519.GenerateKey(nil)
 	if err != nil {
 		t.Fatal(err)
 	}