lib/rand: Break out random functions into separate package

The intention for this package is to provide a combination of the
security of crypto/rand and the convenience of math/rand. It should be
the first choice of random data unless ultimate performance is required
and the usage is provably irrelevant from a security standpoint.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3186

lib/config/config.go

@@ -19,6 +19,7 @@ import (
 	"strings"
 
 	"github.com/syncthing/syncthing/lib/protocol"
+	"github.com/syncthing/syncthing/lib/rand"
 	"github.com/syncthing/syncthing/lib/util"
 )
 
@@ -254,7 +255,7 @@ func (cfg *Configuration) prepare(myID protocol.DeviceID) {
 	}
 
 	if cfg.GUI.APIKey == "" {
-		cfg.GUI.APIKey = util.RandomString(32)
+		cfg.GUI.APIKey = rand.String(32)
 	}
 }
 

lib/rand/random.go

@@ -4,7 +4,9 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
 // You can obtain one at http://mozilla.org/MPL/2.0/.
 
-package util
+// Package rand implements functions similar to math/rand in the standard
+// library, but on top of a secure random number generator.
+package rand
 
 import (
 	"crypto/md5"
@@ -14,6 +16,9 @@ import (
 	mathRand "math/rand"
 )
 
+// Reader is the standard crypto/rand.Reader, re-exported for convenience
+var Reader = cryptoRand.Reader
+
 // randomCharset contains the characters that can make up a randomString().
 const randomCharset = "2345679abcdefghijkmnopqrstuvwxyzACDEFGHJKLMNPQRSTUVWXYZ"
 
@@ -26,15 +31,10 @@ var (
 	defaultSecureRand = mathRand.New(defaltSecureSource)
 )
 
-func init() {
-	// The default RNG should be seeded with something good.
-	mathRand.Seed(RandomInt64())
-}
-
-// RandomString returns a strongly random string of characters (taken from
+// String returns a strongly random string of characters (taken from
 // randomCharset) of the specified length. The returned string contains ~5.8
 // bits of entropy per character, due to the character set used.
-func RandomString(l int) string {
+func String(l int) string {
 	bs := make([]byte, l)
 	for i := range bs {
 		bs[i] = randomCharset[defaultSecureRand.Intn(len(randomCharset))]
@@ -42,14 +42,25 @@ func RandomString(l int) string {
 	return string(bs)
 }
 
-// RandomInt64 returns a strongly random int64, slowly
-func RandomInt64() int64 {
+// Int63 returns a strongly random int63
+func Int63() int64 {
+	return defaltSecureSource.Int63()
+}
+
+// Int64 returns a strongly random int64
+func Int64() int64 {
 	var bs [8]byte
 	_, err := io.ReadFull(cryptoRand.Reader, bs[:])
 	if err != nil {
 		panic("randomness failure: " + err.Error())
 	}
-	return SeedFromBytes(bs[:])
+	return int64(binary.BigEndian.Uint64(bs[:]))
+}
+
+// Intn returns, as an int, a non-negative strongly random number in [0,n).
+// It panics if n <= 0.
+func Intn(n int) int {
+	return defaultSecureRand.Intn(n)
 }
 
 // SeedFromBytes calculates a weak 64 bit hash from the given byte slice,

lib/rand/random_test.go

@@ -4,7 +4,7 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
 // You can obtain one at http://mozilla.org/MPL/2.0/.
 
-package util
+package rand
 
 import "testing"
 
@@ -27,7 +27,7 @@ func TestSeedFromBytes(t *testing.T) {
 
 func TestRandomString(t *testing.T) {
 	for _, l := range []int{0, 1, 2, 3, 4, 8, 42} {
-		s := RandomString(l)
+		s := String(l)
 		if len(s) != l {
 			t.Errorf("Incorrect length %d != %d", len(s), l)
 		}
@@ -35,7 +35,7 @@ func TestRandomString(t *testing.T) {
 
 	strings := make([]string, 1000)
 	for i := range strings {
-		strings[i] = RandomString(8)
+		strings[i] = String(8)
 		for j := range strings {
 			if i == j {
 				continue
@@ -50,7 +50,7 @@ func TestRandomString(t *testing.T) {
 func TestRandomInt64(t *testing.T) {
 	ints := make([]int64, 1000)
 	for i := range ints {
-		ints[i] = RandomInt64()
+		ints[i] = Int64()
 		for j := range ints {
 			if i == j {
 				continue

lib/rand/securesource.go

@@ -4,7 +4,7 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
 // You can obtain one at http://mozilla.org/MPL/2.0/.
 
-package util
+package rand
 
 import (
 	"bufio"

lib/rand/securesource_test.go

@@ -4,7 +4,7 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
 // You can obtain one at http://mozilla.org/MPL/2.0/.
 
-package util
+package rand
 
 import "testing"
 

lib/tlsutil/tlsutil.go

@@ -10,7 +10,6 @@ import (
 	"bufio"
 	"crypto/ecdsa"
 	"crypto/elliptic"
-	"crypto/rand"
 	"crypto/rsa"
 	"crypto/tls"
 	"crypto/x509"
@@ -19,10 +18,11 @@ import (
 	"fmt"
 	"io"
 	"math/big"
-	mr "math/rand"
 	"net"
 	"os"
 	"time"
+
+	"github.com/syncthing/syncthing/lib/rand"
 )
 
 var (
@@ -48,7 +48,7 @@ func NewCertificate(certFile, keyFile, tlsDefaultCommonName string, tlsRSABits i
 	notAfter := time.Date(2049, 12, 31, 23, 59, 59, 0, time.UTC)
 
 	template := x509.Certificate{
-		SerialNumber: new(big.Int).SetInt64(mr.Int63()),
+		SerialNumber: new(big.Int).SetInt64(rand.Int63()),
 		Subject: pkix.Name{
 			CommonName: tlsDefaultCommonName,
 		},