feat: corrected rand64 bit gen

nqminds · Jan 24, 2024 · 722efa5 · 722efa5
1 parent 1529041
commit 722efa5
Showing 1 changed file with 13 additions and 8 deletions.
diff --git a/src/brski/pledge/pledge_request.cpp b/src/brski/pledge/pledge_request.cpp
@@ -192,28 +192,33 @@ std::string create_cert_string(const char *cert) {
   return out;
 }
 
+uint64_t gen_rand64(void)
+{
+  uint64_t value = 0x0;
+
+  srand(time(0));
+
+  for (int i=0; i<64; i += 15) {
+    value = value*((uint64_t)RAND_MAX + 1) + rand();
+  }
+  return value;
+}
+
 int generate_sign_cert(struct BinaryArray *scert_cert,
                        struct BinaryArray *scert_key) {
   uint8_t rand[8];
-  uint8_t serial_number_rand[8];
   char rands[17];
   struct BinaryArray buf = {.array = rand, .length = 8};
-  struct BinaryArray serial_buf = {.array = serial_number_rand, .length = 8};
 
   struct crypto_cert_meta sign_cert_meta = {
-      .serial_number = (uint64_t)serial_number_rand,
+      .serial_number = gen_rand64(),
       .not_before = 0,
       // Long-lived pledge certificate
       .not_after_absolute = (char *)"99991231235959Z",
       .issuer = NULL,
       .subject = NULL,
       .basic_constraints = (char *)"CA:false"};
 
-  if (crypto_getrand(&serial_buf) < 0) {
-    log_error("crypto_getrand for serial number fail");
-    return -1;
-  }
-
   if (crypto_getrand(&buf) < 0) {
     log_error("crypto_getrand fail");
     return -1;