mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-07-29 12:19:54 +00:00
LibWeb: Use Crypto::fill_with_secure_random instead of PRNG
This commit is contained in:
rmg-x
Ali Mohammad Pur
parent
e222ccf028
commit
ceb7f5f017
Notes:
github-actions[bot]
2024-12-24 16:55:54 +00:00
Author: https://github.com/rmg-x
Commit: ceb7f5f017
Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2996
Reviewed-by: https://github.com/ADKaster
2 changed files with 5 additions and 4 deletions
|
|
@ -7,6 +7,7 @@
|
|||
|
||||
#include <AK/Random.h>
|
||||
#include <AK/StringBuilder.h>
|
||||
#include <LibCrypto/SecureRandom.h>
|
||||
#include <LibJS/Runtime/TypedArray.h>
|
||||
#include <LibWeb/Bindings/CryptoPrototype.h>
|
||||
#include <LibWeb/Bindings/ExceptionOrUtils.h>
|
||||
|
|
@ -67,7 +68,7 @@ WebIDL::ExceptionOr<GC::Root<WebIDL::ArrayBufferView>> Crypto::get_random_values
|
|||
// FIXME: Handle SharedArrayBuffers
|
||||
|
||||
// 3. Overwrite all elements of array with cryptographically strong random values of the appropriate type.
|
||||
fill_with_random(array->viewed_array_buffer()->buffer().bytes().slice(array->byte_offset(), array->byte_length()));
|
||||
::Crypto::fill_with_secure_random(array->viewed_array_buffer()->buffer().bytes().slice(array->byte_offset(), array->byte_length()));
|
||||
|
||||
// 4. Return array.
|
||||
return array;
|
||||
|
|
@ -94,7 +95,7 @@ ErrorOr<String> generate_random_uuid()
|
|||
u8 bytes[16];
|
||||
|
||||
// 2. Fill bytes with cryptographically secure random bytes.
|
||||
fill_with_random(bytes);
|
||||
::Crypto::fill_with_secure_random(bytes);
|
||||
|
||||
// 3. Set the 4 most significant bits of bytes[6], which represent the UUID version, to 0100.
|
||||
bytes[6] &= ~(1 << 7);
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@
|
|||
#include <LibCrypto/Hash/SHA2.h>
|
||||
#include <LibCrypto/PK/RSA.h>
|
||||
#include <LibCrypto/Padding/OAEP.h>
|
||||
#include <LibCrypto/SecureRandom.h>
|
||||
#include <LibJS/Runtime/Array.h>
|
||||
#include <LibJS/Runtime/ArrayBuffer.h>
|
||||
#include <LibJS/Runtime/DataView.h>
|
||||
|
|
@ -323,8 +324,7 @@ static WebIDL::ExceptionOr<void> validate_jwk_key_ops(JS::Realm& realm, Bindings
|
|||
static WebIDL::ExceptionOr<ByteBuffer> generate_random_key(JS::VM& vm, u16 const size_in_bits)
|
||||
{
|
||||
auto key_buffer = TRY_OR_THROW_OOM(vm, ByteBuffer::create_uninitialized(size_in_bits / 8));
|
||||
// FIXME: Use a cryptographically secure random generator
|
||||
fill_with_random(key_buffer);
|
||||
::Crypto::fill_with_secure_random(key_buffer);
|
||||
return key_buffer;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue