lib/rand: Break out random functions into separate package

The intention for this package is to provide a combination of the security of crypto/rand and the convenience of math/rand. It should be the first choice of random data unless ultimate performance is required and the usage is provably irrelevant from a security standpoint. GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3186
2016-05-26 07:02:56 +00:00
parent 410d700ae3
commit e6b78e5d56
10 changed files with 42 additions and 31 deletions
--- a/lib/tlsutil/tlsutil.go
+++ b/lib/tlsutil/tlsutil.go
@@ -10,7 +10,6 @@ import (
 	"bufio"
 	"crypto/ecdsa"
 	"crypto/elliptic"
-	"crypto/rand"
 	"crypto/rsa"
 	"crypto/tls"
 	"crypto/x509"
@@ -19,10 +18,11 @@ import (
 	"fmt"
 	"io"
 	"math/big"
-	mr "math/rand"
 	"net"
 	"os"
 	"time"
+
+	"github.com/syncthing/syncthing/lib/rand"
 )

 var (
@@ -48,7 +48,7 @@ func NewCertificate(certFile, keyFile, tlsDefaultCommonName string, tlsRSABits i
 	notAfter := time.Date(2049, 12, 31, 23, 59, 59, 0, time.UTC)

 	template := x509.Certificate{
-		SerialNumber: new(big.Int).SetInt64(mr.Int63()),
+		SerialNumber: new(big.Int).SetInt64(rand.Int63()),
 		Subject: pkix.Name{
 			CommonName: tlsDefaultCommonName,
 		},