Skip to content

fix: use io.ReadFull for salt generation#19

Merged
dhui merged 1 commit intodhui:masterfrom
thevilledev:fix/rng-fullread
Sep 21, 2025
Merged

fix: use io.ReadFull for salt generation#19
dhui merged 1 commit intodhui:masterfrom
thevilledev:fix/rng-fullread

Conversation

@thevilledev
Copy link
Contributor

@thevilledev thevilledev commented Sep 21, 2025

Motivation

Salt generation used io.Reader.Read and ignored short reads, allowing zero-padded, low-entropy salts when the RNG is swapped.

Changes

Switch salt generation to use io.ReadFull. Performance impact should be negligible.

Prevents CWE-331 "Insufficient Entropy". Fails fast on RNG anomalies.

Testing

Add a short-EOF RNG test to verify failure. All tests pass.

Backwards Compatibility

No API changes. Credential creation will now error if the RNG short-reads instead of silently proceeding.

@thevilledev
fix: use io.ReadFull for salt generation
74e08a8 
Switch salt generation to io.ReadFull to reject short reads and
prevent zero-padded, low-entropy salts when the RNG is swapped.
Add a short-EOF RNG test to verify failure.

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
dhui
dhui approved these changes Sep 21, 2025
View reviewed changes
Copy link
Owner

@dhui dhui left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the find and fix @thevilledev !
EDIT: also thanks for adding a test to prevent a regression!

@dhui dhui merged commit 08498e3 into dhui:master Sep 21, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dhui dhui dhui approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thevilledev @dhui