use hash of /dev/urandom data instead of urandom data directly, to avoid leaking state of entropy

author: Micah Lee <micah@micahflee.com> 2014-07-15 19:17:09 -0700
committer: Micah Lee <micah@micahflee.com> 2014-07-15 19:17:09 -0700
commit: 7a05516a65d2fa3788b866983cc1c5b4dc7fdffe (patch)
tree: f403174c9b0c77b317b22a6009fbc79570486064
parent: d9aa55b991555d2d2983172a9ac0419c7e4b397e (diff)
download: onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.tar.gz
onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/onionshare/onionshare.py b/onionshare/onionshare.py
index e5da7e43..dc3dbf29 100644
--- a/onionshare/onionshare.py
+++ b/onionshare/onionshare.py
@@ -18,7 +18,8 @@ class NoTor(Exception):
 
 def random_string(num_bytes):
     b = os.urandom(num_bytes)
-    return base64.b32encode(b).lower().replace('=','')
+    h = hashlib.sha256(b).digest()[:16]
+    return base64.b32encode(h).lower().replace('=','')
 
 def get_platform():
     p = platform.system()
author	Micah Lee <micah@micahflee.com>	2014-07-15 19:17:09 -0700
committer	Micah Lee <micah@micahflee.com>	2014-07-15 19:17:09 -0700
commit	7a05516a65d2fa3788b866983cc1c5b4dc7fdffe (patch)
tree	f403174c9b0c77b317b22a6009fbc79570486064
parent	d9aa55b991555d2d2983172a9ac0419c7e4b397e (diff)
download	onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.tar.gz onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.zip