diff options
author | Micah Lee <micah@micahflee.com> | 2014-07-15 19:17:09 -0700 |
---|---|---|
committer | Micah Lee <micah@micahflee.com> | 2014-07-15 19:17:09 -0700 |
commit | 7a05516a65d2fa3788b866983cc1c5b4dc7fdffe (patch) | |
tree | f403174c9b0c77b317b22a6009fbc79570486064 | |
parent | d9aa55b991555d2d2983172a9ac0419c7e4b397e (diff) | |
download | onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.tar.gz onionshare-7a05516a65d2fa3788b866983cc1c5b4dc7fdffe.zip |
use hash of /dev/urandom data instead of urandom data directly, to avoid leaking state of entropy
-rw-r--r-- | onionshare/onionshare.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/onionshare/onionshare.py b/onionshare/onionshare.py index e5da7e43..dc3dbf29 100644 --- a/onionshare/onionshare.py +++ b/onionshare/onionshare.py @@ -18,7 +18,8 @@ class NoTor(Exception): def random_string(num_bytes): b = os.urandom(num_bytes) - return base64.b32encode(b).lower().replace('=','') + h = hashlib.sha256(b).digest()[:16] + return base64.b32encode(h).lower().replace('=','') def get_platform(): p = platform.system() |