From 461c3b9785b8911034b6a7da8fcf4c840b651df8 Mon Sep 17 00:00:00 2001 From: Jae Kwon Date: Sun, 13 Mar 2016 09:57:10 -0700 Subject: [PATCH] Remove CRand* from go-common --- random.go | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/random.go b/random.go index 645601154..73bd16356 100644 --- a/random.go +++ b/random.go @@ -2,7 +2,6 @@ package common import ( crand "crypto/rand" - "encoding/hex" "math/rand" "time" ) @@ -12,8 +11,7 @@ const ( ) func init() { - // Seed math/rand with "secure" int64 - b := CRandBytes(8) + b := cRandBytes(8) var seed uint64 for i := 0; i < 8; i++ { seed |= uint64(b[i]) @@ -127,10 +125,10 @@ func RandBytes(n int) []byte { return bs } -//----------------------------------------------------------------------------- -// CRand* methods are crypto safe. - -func CRandBytes(numBytes int) []byte { +// NOTE: This relies on the os's random number generator. +// For real security, we should salt that with some seed. +// See github.com/tendermint/go-crypto for a more secure reader. +func cRandBytes(numBytes int) []byte { b := make([]byte, numBytes) _, err := crand.Read(b) if err != nil { @@ -138,8 +136,3 @@ func CRandBytes(numBytes int) []byte { } return b } - -// RandHex(24) gives 96 bits of randomness, strong enough for most purposes. -func CRandHex(numDigits int) string { - return hex.EncodeToString(CRandBytes(numDigits / 2)) -}