Entropy cannot be saved
Remove non cryptographic randomness. Signed-off-by: Justin Cormack <justin.cormack@docker.com> (cherry picked from commit 2df693e533e904f432c59279c07b2b8cbeece4f0) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 292b43b15b68cd4b64bfc7b89452dc19ddf2cf48 Component: engine
This commit is contained in:
Justin Cormack
committed by
Sebastiaan van Stijn
Sebastiaan van Stijn
parent
630cd7d11b
commit
932cc247c5
@ -2,17 +2,12 @@
|
||||
package stringid // import "github.com/docker/docker/pkg/stringid"
|
||||
|
||||
import (
|
||||
cryptorand "crypto/rand"
|
||||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io"
|
||||
"math"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
const shortLen = 12
|
||||
@ -41,10 +36,11 @@ func TruncateID(id string) string {
|
||||
return id
|
||||
}
|
||||
|
||||
func generateID(r io.Reader) string {
|
||||
// GenerateRandomID returns a unique id.
|
||||
func GenerateRandomID() string {
|
||||
b := make([]byte, 32)
|
||||
for {
|
||||
if _, err := io.ReadFull(r, b); err != nil {
|
||||
if _, err := rand.Read(b); err != nil {
|
||||
panic(err) // This shouldn't happen
|
||||
}
|
||||
id := hex.EncodeToString(b)
|
||||
@ -58,18 +54,6 @@ func generateID(r io.Reader) string {
|
||||
}
|
||||
}
|
||||
|
||||
// GenerateRandomID returns a unique id.
|
||||
func GenerateRandomID() string {
|
||||
return generateID(cryptorand.Reader)
|
||||
}
|
||||
|
||||
// GenerateNonCryptoID generates unique id without using cryptographically
|
||||
// secure sources of random.
|
||||
// It helps you to save entropy.
|
||||
func GenerateNonCryptoID() string {
|
||||
return generateID(readerFunc(rand.Read))
|
||||
}
|
||||
|
||||
// ValidateID checks whether an ID string is a valid image ID.
|
||||
func ValidateID(id string) error {
|
||||
if ok := validHex.MatchString(id); !ok {
|
||||
@ -77,23 +61,3 @@ func ValidateID(id string) error {
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func init() {
|
||||
// safely set the seed globally so we generate random ids. Tries to use a
|
||||
// crypto seed before falling back to time.
|
||||
var seed int64
|
||||
if cryptoseed, err := cryptorand.Int(cryptorand.Reader, big.NewInt(math.MaxInt64)); err != nil {
|
||||
// This should not happen, but worst-case fallback to time-based seed.
|
||||
seed = time.Now().UnixNano()
|
||||
} else {
|
||||
seed = cryptoseed.Int64()
|
||||
}
|
||||
|
||||
rand.Seed(seed)
|
||||
}
|
||||
|
||||
type readerFunc func(p []byte) (int, error)
|
||||
|
||||
func (fn readerFunc) Read(p []byte) (int, error) {
|
||||
return fn(p)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user