GODRIVER-2349 Seed all pseudorandom number generators with a crypto-secure random number.

matthewdale · matthewdale · commit 120dcbfaf887 · 2022-03-24T15:44:06.000-07:00
diff --git a/internal/randutil/randutil.go b/internal/randutil/randutil.go
@@ -2,6 +2,9 @@
 package randutil
 
 import (
+	crand "crypto/rand"
+	"fmt"
+	"io"
 	"math/rand"
 	"sync"
 )
@@ -52,3 +55,17 @@ func (lr *LockedRand) Shuffle(n int, swap func(i, j int)) {
 	lr.r.Shuffle(n, swap)
 	lr.mu.Unlock()
 }
+
+// CryptoSeed returns a random int64 read from the "crypto/rand" random number generator. It is
+// intended to be used to seed pseudorandom number generators at package initialization. It panics
+// if it encounters any errors.
+func CryptoSeed() int64 {
+	var b [8]byte
+	_, err := io.ReadFull(crand.Reader, b[:])
+	if err != nil {
+		panic(fmt.Errorf("failed to read 8 bytes from a \"crypto/rand\".Reader: %v", err))
+	}
+
+	return (int64(b[0]) << 0) | (int64(b[1]) << 8) | (int64(b[2]) << 16) | (int64(b[3]) << 24) |
+		(int64(b[4]) << 32) | (int64(b[5]) << 40) | (int64(b[6]) << 48) | (int64(b[7]) << 56)
+}
diff --git a/x/mongo/driver/connstring/connstring.go b/x/mongo/driver/connstring/connstring.go
@@ -24,7 +24,7 @@ import (
 )
 
 // random is a package-global pseudo-random number generator.
-var random = randutil.NewLockedRand(rand.NewSource(time.Now().UnixNano()))
+var random = randutil.NewLockedRand(rand.NewSource(randutil.CryptoSeed()))
 
 // ParseAndValidate parses the provided URI into a ConnString object.
 // It check that all values are valid.
diff --git a/x/mongo/driver/topology/topology.go b/x/mongo/driver/topology/topology.go
@@ -57,7 +57,7 @@ var ErrServerSelectionTimeout = errors.New("server selection timeout")
 type MonitorMode uint8
 
 // random is a package-global pseudo-random number generator.
-var random = randutil.NewLockedRand(rand.NewSource(time.Now().UnixNano()))
+var random = randutil.NewLockedRand(rand.NewSource(randutil.CryptoSeed()))
 
 // These constants are the available monitoring modes.
 const (
diff --git a/x/mongo/driver/uuid/uuid.go b/x/mongo/driver/uuid/uuid.go
@@ -9,7 +9,6 @@ package uuid // import "go.mongodb.org/mongo-driver/x/mongo/driver/uuid"
 import (
 	"io"
 	"math/rand"
-	"time"
 
 	"go.mongodb.org/mongo-driver/internal/randutil"
 )
@@ -18,10 +17,10 @@ import (
 type UUID [16]byte
 
 // random is a package-global pseudo-random number generator.
-var random = randutil.NewLockedRand(rand.NewSource(time.Now().UnixNano()))
+var random = randutil.NewLockedRand(rand.NewSource(randutil.CryptoSeed()))
 
-// New returns a random UUIDv4. It uses a "math/rand" pseudo-random number generator seeded with the
-// package initialization time.
+// New returns a random UUIDv4. It uses a "math/rand" pseudo-random number generator seeded with a
+// cryptographically-secure random number at package initialization.
 //
 // New should not be used to generate cryptographically-secure random UUIDs.
 func New() (UUID, error) {

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ import (`
`24`	`24`	`)`
`25`	`25`
`26`	`26`	`// random is a package-global pseudo-random number generator.`
`27`		`-var random = randutil.NewLockedRand(rand.NewSource(time.Now().UnixNano()))`
	`27`	`+var random = randutil.NewLockedRand(rand.NewSource(randutil.CryptoSeed()))`
`28`	`28`
`29`	`29`	`// ParseAndValidate parses the provided URI into a ConnString object.`
`30`	`30`	`// It check that all values are valid.`