Improve AesGcm Nonce Random Strength

houseofcat · Apr 26, 2024 · 048158a · 048158a
1 parent 2d1a12d
commit 048158a
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 22 deletions.
diff --git a/src/HouseofCat.Encryption/AesGcmEncryptionProvider.cs b/src/HouseofCat.Encryption/AesGcmEncryptionProvider.cs
@@ -85,7 +85,7 @@ public MemoryStream Encrypt(MemoryStream unencryptedStream, bool leaveStreamOpen
         var encryptedBytes = _pool.Rent(length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),
@@ -133,7 +133,7 @@ public async Task<MemoryStream> EncryptAsync(MemoryStream unencryptedStream, boo
         var encryptedBytes = _pool.Rent(length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),
@@ -178,7 +178,7 @@ public MemoryStream EncryptToStream(ReadOnlyMemory<byte> unencryptedData)
         var encryptedBytes = _pool.Rent(unencryptedData.Length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),

diff --git a/src/HouseofCat.Encryption/RecyclableAesGcmEncryptionProvider.cs b/src/HouseofCat.Encryption/RecyclableAesGcmEncryptionProvider.cs
@@ -48,7 +48,7 @@ public ReadOnlyMemory<byte> Encrypt(ReadOnlyMemory<byte> unencryptedData)
         var encryptedBytes = _pool.Rent(unencryptedData.Length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),
@@ -86,7 +86,7 @@ public MemoryStream Encrypt(MemoryStream unencryptedStream, bool leaveStreamOpen
         var encryptedBytes = _pool.Rent(length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),
@@ -137,7 +137,7 @@ public async Task<MemoryStream> EncryptAsync(MemoryStream unencryptedStream, boo
         var encryptedBytes = _pool.Rent(length);
         var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
         var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
-        _rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
+        _rng.GetNonZeroBytes(nonce);
 
         aes.Encrypt(
             nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),

diff --git a/src/HouseofCat.Utilities/Random/RandomData.cs b/src/HouseofCat.Utilities/Random/RandomData.cs
@@ -17,20 +17,21 @@ public static class Data
     /// <param name="maxLength"></param>
     public static async Task<string> RandomStringAsync(int minLength, int maxLength)
     {
-        return await Task.Run(() =>
-        {
-            char[] chars = new char[maxLength];
-            int setLength = AllowedChars.Length;
-
-            int length = Rand.Next(minLength, maxLength + 1);
-
-            for (var i = 0; i < length; ++i)
+        return await Task.Run(
+            () =>
             {
-                chars[i] = AllowedChars[Rand.Next(setLength)];
-            }
+                var chars = new char[maxLength];
+                var setLength = AllowedChars.Length;
+                var length = Rand.Next(minLength, maxLength + 1);
 
-            return new string(chars, 0, length);
-        }).ConfigureAwait(false);
+                for (var i = 0; i < length; ++i)
+                {
+                    chars[i] = AllowedChars[Rand.Next(setLength)];
+                }
+
+                return new string(chars, 0, length);
+            })
+            .ConfigureAwait(false);
     }
 
     /// <summary>
@@ -40,10 +41,9 @@ public static async Task<string> RandomStringAsync(int minLength, int maxLength)
     /// <param name="maxLength"></param>
     public static string RandomString(int minLength, int maxLength)
     {
-        char[] chars = new char[maxLength];
-        int setLength = AllowedChars.Length;
-
-        int length = Rand.Next(minLength, maxLength + 1);
+        var chars = new char[maxLength];
+        var setLength = AllowedChars.Length;
+        var length = Rand.Next(minLength, maxLength + 1);
 
         for (var i = 0; i < length; ++i)
         {