dscache: Use math/rand's Read for nonce.

filter/dscache/support.go

 // Copyright 2015 The LUCI Authors. All rights reserved.
 // Use of this source code is governed under the Apache License, Version 2.0
 // that can be found in the LICENSE file.
 
 package dscache
 
 import (
         "fmt"
         "math/rand"
         "time"
@@ skipping 65 matching lines @@
                 if !key.IsIncomplete() {
                         keySuffix := HashKey(key)
                         for shard := 0; shard < nums[i]; shard++ {
                                 ret = append(ret, fmt.Sprintf(KeyFormat, shard, keySuffix))
                         }
                 }
         }
         return ret
 }
 
-// crappyNonce creates a really crappy nonce using math/rand. This is generally
-// unacceptable for cryptographic purposes, but since mathrand is the only
-// mocked randomness source, we use that.
-//
-// The random values here are controlled entriely by the application, will never
-// be shown to, or provided by, the user, so this should be fine.
-//
-// Do not use this function for anything other than mkRandLockItems or your hair
-// will fall out. You've been warned.
-func (s *supportContext) crappyNonce() []byte {
-        ret := make([]byte, NonceUint32s*4)
-        for w := uint(0); w < NonceUint32s; w++ {
-                word := s.mr.Uint32()
-                for i := uint(0); i < 4; i++ {
-                        ret[(w*4)+i] = byte(word >> (8 * i))
-                }
-        }
-        return ret
-}
-
 func (s *supportContext) mutation(keys []*ds.Key, f func() error) error {
         lockItems, lockKeys := s.mkAllLockItems(keys)
         if lockItems == nil {
                 return f()
         }
         if err := mc.Set(s.c, lockItems...); err != nil {
                 // this is a hard failure. No mutation can occur if we're unable to set
                 // locks out. See "DANGER ZONE" in the docs.
                 (log.Fields{log.ErrorKey: err}).Errorf(
                         s.c, "dscache: HARD FAILURE: supportContext.mutation(): mc.SetMulti")
                 return err
         }
         err := f()
         if err == nil {
                 if err := errors.Filter(mc.Delete(s.c, lockKeys...), mc.ErrCacheMiss); err != nil {
                         (log.Fields{log.ErrorKey: err}).Debugf(
                                 s.c, "dscache: mc.Delete")
                 }
         }
         return err
 }
 
 func (s *supportContext) mkRandLockItems(keys []*ds.Key, metas ds.MultiMetaGetter) ([]mc.Item, []byte) {
         mcKeys := s.mkRandKeys(keys, metas)
         if len(mcKeys) == 0 {
                 return nil, nil
         }
-        nonce := s.crappyNonce()
+        nonce := generateNonce()
         ret := make([]mc.Item, len(mcKeys))
         for i, k := range mcKeys {
                 if k == "" {
                         continue
                 }
                 ret[i] = (mc.NewItem(s.c, k).
                         SetFlags(uint32(ItemHasLock)).
                         SetExpiration(time.Second * time.Duration(LockTimeSeconds)).
                         SetValue(nonce))
         }
         return ret, nonce
 }
 
 func (s *supportContext) mkAllLockItems(keys []*ds.Key) ([]mc.Item, []string) {
         mcKeys := s.mkAllKeys(keys)
         if mcKeys == nil {
                 return nil, nil
         }
         ret := make([]mc.Item, len(mcKeys))
         for i := range ret {
                 ret[i] = (mc.NewItem(s.c, mcKeys[i]).
                         SetFlags(uint32(ItemHasLock)).
                         SetExpiration(time.Second * time.Duration(LockTimeSeconds)))
         }
         return ret, mcKeys
 }
+
+// generateNonce creates a pseudo-random sequence of bytes for use as a nonce
+// usingthe non-cryptographic PRNG in "math/rand".
+//
+// The random values here are controlled entriely by the application, will never
+// be shown to, or provided by, the user, so this should be fine.
+func generateNonce() []byte {
+        nonce := make([]byte, NonceBytes)
+        _, _ = rand.Read(nonce) // This Read will always return len(nonce), nil.
+        return nonce
+}