Commit e947f41b authored by johan's avatar johan

Fix SPk id generation

- same problem as OPk, even if much less likely
+ correct the balance of the RNG on 31 bits.
parent 7c00b364
......@@ -76,11 +76,9 @@ class bctbx_RNG : public RNG {
uint32_t randomize() override {
std::array<uint8_t, 4> buffer;
buffer[0] = 0; // just to be sure it's properly set to 0
bctbx_rng_get(m_context, buffer.data(), buffer.size());
// buffer[0] is shifted by 23 instead of 24 to keep the MSb to 0.
// as we must (see RNG interface definition) keep the uint32_t MSb set to 0
return (static_cast<uint32_t>(buffer[0])<<23 | static_cast<uint32_t>(buffer[1])<<16 | static_cast<uint32_t>(buffer[2])<<8 | static_cast<uint32_t>(buffer[3]));
// we are on 31 bits: keep the uint32_t MSb set to 0 (see RNG interface definition)
return (static_cast<uint32_t>(buffer[0]&0x7F)<<24 | static_cast<uint32_t>(buffer[1])<<16 | static_cast<uint32_t>(buffer[2])<<8 | static_cast<uint32_t>(buffer[3]));
};
bctbx_RNG() {
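Review bot: The result of `bctbx_rng_get(m_context, buffer.data(), buffer.size());` is still ignored, so if the generator fails to fill the buffer the function returns a value assembled from whatever buffer[1..3] held (only buffer[0] is pre-zeroed) and callers go on to use it as a key id; if bctbx_rng_get reports failure through its return value, that return should be checked and the failure surfaced rather than silently returning a weak id. The new mask itself is right: `buffer[0]&0x7F` keeps bit 31 clear and removes the bias the old `<<23` layout introduced on bit 23, where buffer[0] and buffer[1] overlapped and that bit was the OR of two random bits. With the mask in place the `buffer[0] = 0` pre-set and its "just to be sure" comment no longer serve the MSb purpose; `std::array<uint8_t, 4> buffer{};` value-initialises all four bytes and makes the intent (no stale bytes if the fill fails) explicit. The enclosing class bctbx_RNG starts before this hunk.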
......@@ -873,7 +873,19 @@ void Lime<Curve>::X3DH_generate_SPk(X<Curve, lime::Xtype::publicKey> &publicSPk,
// Generate a random SPk Id
// Sqlite doesn't really support unsigned value, the randomize function makes sure that the MSbit is set to 0 to not fall into strange bugs with that
// SPkIds must be random but unique, get one not already in
std::set<uint32_t> activeSPkIds{};
// fetch existing SPk ids from DB (SPKid is unique on all users, so really get them all, do not restrict with m_db_Uid)
rowset<row> rs = (m_localStorage->sql.prepare << "SELECT SPKid FROM X3DH_SPK");
for (const auto &r : rs) {
auto activeSPkId = static_cast<uint32_t>(r.get<int>(0));
activeSPkIds.insert(activeSPkId);
}
SPk_id = m_RNG->randomize();
while (activeSPkIds.insert(SPk_id).second == false) { // This one was already in
SPk_id = m_RNG->randomize();
}
// insert all this in DB
try {
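Review bot: Uniqueness of SPk_id is only checked against the snapshot of X3DH_SPK read by `rowset<row> rs = (m_localStorage->sql.prepare << "SELECT SPKid FROM X3DH_SPK");`, so a second writer (another thread or process on the same database) that inserts between that SELECT and the "insert all this in DB" step below can still produce a duplicate id; the in-memory set narrows the window but does not close it. If the SPKid column carries a UNIQUE constraint, the insert (outside this hunk) should catch the constraint violation and retry with a fresh id, or the SELECT and INSERT should run inside one transaction; if there is no such constraint, adding one is the only check that holds under concurrency. The loop also reads more naturally as `while (!activeSPkIds.insert(SPk_id).second) { // already in use` instead of comparing `.second == false`. X3DH_generate_SPk continues past the end of the hunk.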