From 2c5a25a42e72547f965b65c94a09767fa3f8d7d1 Mon Sep 17 00:00:00 2001 From: Anton Maklakov Date: Wed, 19 Sep 2018 19:52:11 +0800 Subject: [PATCH] tcp_transport: Use getrandom() instead of rand() in the entire esp-mqtt Signed-off-by: David Cermak --- components/tcp_transport/transport_ws.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/components/tcp_transport/transport_ws.c b/components/tcp_transport/transport_ws.c index 0205f7b73..bac422682 100644 --- a/components/tcp_transport/transport_ws.c +++ b/components/tcp_transport/transport_ws.c @@ -1,6 +1,7 @@ #include #include #include +#include #include "esp_log.h" #include "esp_transport.h" @@ -70,13 +71,12 @@ static int ws_connect(transport_handle_t t, const char *host, int port, int time ESP_LOGE(TAG, "Error connect to ther server"); } - unsigned char random_key[16] = {0}; + unsigned char random_key[16]; + getrandom(random_key, sizeof(random_key), 0); + // Size of base64 coded string is equal '((input_size * 4) / 3) + (input_size / 96) + 6' including Z-term unsigned char client_key[28] = {0}; - int i; - for (i = 0; i < sizeof(random_key); i++) { - random_key[i] = rand() & 0xFF; - } + size_t outlen = 0; mbedtls_base64_encode(client_key, sizeof(client_key), &outlen, random_key, sizeof(random_key)); int len = snprintf(ws->buffer, DEFAULT_WS_BUFFER, @@ -155,10 +155,8 @@ static int ws_write(transport_handle_t t, const char *buff, int len, int timeout ws_header[header_len++] = (uint8_t)(len | WS_MASK); } mask = &ws_header[header_len]; - ws_header[header_len++] = rand() & 0xFF; - ws_header[header_len++] = rand() & 0xFF; - ws_header[header_len++] = rand() & 0xFF; - ws_header[header_len++] = rand() & 0xFF; + getrandom(ws_header + header_len, 4, 0); + header_len += 4; for (i = 0; i < len; ++i) { buffer[i] = (buffer[i] ^ mask[i % 4]);