chore(book): Create CNAME file point to the docs domain

security: Use system seeded rng for IV
Acked-by: Amjad Alsharafi <me@amjad.alsharafi.dev>
2024-05-18 11:46:59 +03:00 · 2024-05-18 11:46:59 +03:00
2 changed files with 4 additions and 8 deletions
--- a/1
+++ b/1
@ -37,6 +37,7 @@ _default:
    git init .
    git checkout -B gh-pages
    touch .nojekyll
+    echo "lprs.4rs.nl" > CNAME

    git add .
    git commit -m "Deploy the book to github pages"
--- a/src/vault/cipher.rs
+++ b/src/vault/cipher.rs
@ -19,7 +19,7 @@ use std::time::{SystemTime, UNIX_EPOCH};
 use aes::cipher::{block_padding::Pkcs7, BlockDecryptMut, BlockEncryptMut, KeyIvInit};
 use base32::Alphabet as Base32Alphabet;
 use clap::ValueEnum;
-use rand::{rngs::StdRng, Rng, SeedableRng};
+use rand::{thread_rng, RngCore};
 use serde::{Deserialize, Serialize};

 use crate::{LprsError, LprsResult};
@ -78,13 +78,8 @@ pub fn totp_now(secret_base32: &str, hash_function: &TotpHash) -> LprsResult<(St
 ///
 /// Note: The IV will be add it to the end of the ciphertext (Last 16 bytes)
 pub(crate) fn encrypt(master_password: &[u8; 32], data: &[u8]) -> Vec<u8> {
-    let iv: [u8; 16] = StdRng::seed_from_u64(
-        SystemTime::now()
-            .duration_since(UNIX_EPOCH)
-            .expect("SystemTime before UNIX EPOCH!")
-            .as_secs(),
-    )
-    .gen();
+    let mut iv = [0u8; 16];
+    thread_rng().fill_bytes(&mut iv);

    let mut ciphertext =
        Aes256CbcEnc::new(master_password.into(), &iv.into()).encrypt_padded_vec_mut::<Pkcs7>(data);
Author	SHA1	Message	Date
Awiteb	6f6f3dc8d3	chore(book): Create CNAME file point to the docs domain All checks were successful Write changelog / write-changelog (push) Successful in 4s Details Rust CI / Rust CI (push) Successful in 2m20s Details	2024-05-18 11:46:59 +03:00
Awiteb	920ff2a2d4	security: Use system seeded rng for IV Acked-by: Amjad Alsharafi <me@amjad.alsharafi.dev>	2024-05-18 11:46:59 +03:00