Skip to content

Commit

Permalink
Add GenerateNonCryptoID function to avoid entropy exhaustion
Browse files Browse the repository at this point in the history
Signed-off-by: Alexander Morozov <[email protected]>
  • Loading branch information
LK4D4 committed Jul 29, 2015
1 parent 6963b9c commit 4553b6a
Showing 1 changed file with 25 additions and 7 deletions.
32 changes: 25 additions & 7 deletions pkg/stringid/stringid.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ import (
"io"
"regexp"
"strconv"

"github.com/docker/docker/pkg/random"
)

const shortLen = 12
Expand All @@ -30,20 +32,36 @@ func TruncateID(id string) string {
return id[:trimTo]
}

// GenerateRandomID returns an unique id.
func GenerateRandomID() string {
func generateID(crypto bool) string {
b := make([]byte, 32)
var r io.Reader = random.Reader
if crypto {
r = rand.Reader
}
for {
id := make([]byte, 32)
if _, err := io.ReadFull(rand.Reader, id); err != nil {
if _, err := io.ReadFull(r, b); err != nil {
panic(err) // This shouldn't happen
}
value := hex.EncodeToString(id)
id := hex.EncodeToString(b)
// if we try to parse the truncated for as an int and we don't have
// an error then the value is all numberic and causes issues when
// used as a hostname. ref #3869
if _, err := strconv.ParseInt(TruncateID(value), 10, 64); err == nil {
if _, err := strconv.ParseInt(TruncateID(id), 10, 64); err == nil {
continue
}
return value
return id
}
}

// GenerateRandomID returns an unique id.
func GenerateRandomID() string {
return generateID(true)

}

// GenerateNonCryptoID generates unique id without using cryptographically
// secure sources of random.
// It helps you to save entropy.
func GenerateNonCryptoID() string {
return generateID(false)
}

0 comments on commit 4553b6a

Please sign in to comment.