Skip to content

Add secure pin generation for ui #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 28, 2023
Merged

Add secure pin generation for ui #3

merged 3 commits into from
Apr 28, 2023

Conversation

somnathb1
Copy link

Adds secure random number for PIN
Using the crypto/rand go package for secure random number generation for UI PIN.
Ref: rand package

Also adds a flag --insecure flag to the diagnostics cmd line. When this flag is specified, the insecure random number generation using math/rand package is used. Defaults to false i.e. SRNG.

@AlexeyAkhunov
Copy link
Contributor

Thank you! Could you please modify this to only fallback to the weakrand generation when --insecure flag is provided? If there is an error during the secure generation of the PIN, it should be displayed in a similar way other errors are displayed, otherwise it would be hard to debug.
And another thing - could you please apply gofmt -s -w to the files. I have just realised that this project does not have GitHub actions for code lint and compilation check - I will include this into the list of improvements

@somnathb1
Copy link
Author

Removed weakrand on error as a fallback.
Also formatted files.

@AlexeyAkhunov AlexeyAkhunov merged commit 72dd9e1 into erigontech:main Apr 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@somnathb1 @AlexeyAkhunov