Browse Source

Make Nonce generation securely random

SEC-5 Nonce Generation Uses a Deterministic Seed in `libdevcrypto/Common.cpp` on CPP Ethereum
SEC-7 Private Key Recovery from Predictable Transaction Nonces
cl-refactor
Gav Wood 10 years ago
parent
commit
7a887fb0d5
  1. 8
      libdevcrypto/Common.cpp

8
libdevcrypto/Common.cpp

@ -354,13 +354,7 @@ void Nonce::initialiseIfNeeded()
if (b.size() == 32) if (b.size() == 32)
memcpy(m_value.data(), b.data(), 32); memcpy(m_value.data(), b.data(), 32);
else else
{ m_value = h256::random();
// todo: replace w/entropy from user and system
std::mt19937_64 s_eng(time(0) + chrono::high_resolution_clock::now().time_since_epoch().count());
std::uniform_int_distribution<uint16_t> d(0, 255);
for (unsigned i = 0; i < 32; ++i)
m_value[i] = (uint8_t)d(s_eng);
}
if (!m_value) if (!m_value)
BOOST_THROW_EXCEPTION(InvalidState()); BOOST_THROW_EXCEPTION(InvalidState());

Loading…
Cancel
Save