introducing TAESPRNG class

as a cryptographic pseudorandom number generators (CSPRNG) based on AES-256 and OS returned entropy
synopse · Apr 8, 2016 · 92135fc · 92135fc
1 parent 60566e8
commit 92135fc
Show file tree

Hide file tree

Showing 6 changed files with 329 additions and 48 deletions.
diff --git a/SynBidirSock.pas b/SynBidirSock.pas
@@ -2173,7 +2173,7 @@ function THttpClientWebSockets.WebSocketsUpgrade(const aWebSocketsURI,
         aWebSocketsURI,aWebSocketsEncryptionKey,aWebSocketsCompression);
     try
       RequestSendHeader(aWebSocketsURI,'GET');
-      FillRandom(key);
+      TAESPRNG.Main.FillRandom(key);
       bin1 := BinToBase64(@key,sizeof(key));
       SockSend(['Content-Length: 0'#13#10'Connection: Upgrade'#13#10+
         'Upgrade: websocket'#13#10'Sec-WebSocket-Key: ',bin1,#13#10+

diff --git a/SynCommons.pas b/SynCommons.pas
@@ -5700,6 +5700,8 @@ function GUIDToString(const guid: TGUID): string;
 
 /// fill some memory buffer with random values
 // - the destination buffer is expected to be allocated as 32 bit items
+// - consider using instead the much safer TAESPRNG.Main.FillRandom() method
+// from the SynCrypto unit
 procedure FillRandom(Dest: PCardinalArray; CardinalCount: integer);
 
 /// compute a random GUID value