mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 21:31:04 +00:00
bc96439261
Using a weak RNG for the form boundary allows a website operator to perform several attacks on users (as outlined in https://trac.torproject.org/projects/tor/ticket/22919) These include: - Identifying Windows users based on the unseeded RNG - Identify the number of form submissions that have occurred cross-origin between same-origin submissions Additionally, a predictable boundary makes it possible to forge a boundary in the middle of a file upload. Differential Revision: https://phabricator.services.mozilla.com/D56056 --HG-- extra : moz-landing-system : lando
42 lines
1.3 KiB
C++
42 lines
1.3 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
|
|
|
/* Routines for generating random numbers */
|
|
|
|
#ifndef mozilla_RandomNum_h_
|
|
#define mozilla_RandomNum_h_
|
|
|
|
#include "mozilla/Maybe.h"
|
|
#include "mozilla/Types.h"
|
|
|
|
namespace mozilla {
|
|
|
|
/**
|
|
* Generate a cryptographically secure random 64-bit unsigned number using the
|
|
* best facilities available on the current OS.
|
|
*
|
|
* Useful whenever a secure random number is needed and NSS isn't available.
|
|
* (Perhaps because it hasn't been initialized yet)
|
|
*
|
|
* Current mechanisms:
|
|
* Windows: RtlGenRandom()
|
|
* Android, Darwin, DragonFly, FreeBSD, OpenBSD, NetBSD: arc4random()
|
|
* Linux: getrandom() if available, "/dev/urandom" otherwise
|
|
* Other Unix: "/dev/urandom"
|
|
*
|
|
*/
|
|
MFBT_API Maybe<uint64_t> RandomUint64();
|
|
|
|
/**
|
|
* Like RandomUint64, but always returns a uint64_t or crashes with an assert
|
|
* if the underlying RandomUint64 call failed.
|
|
*/
|
|
MFBT_API uint64_t RandomUint64OrDie();
|
|
|
|
} // namespace mozilla
|
|
|
|
#endif // mozilla_RandomNum_h_
|