1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "remoting/host/host_secret.h" 6 7 #include <string> 8 9 #include "base/logging.h" 10 #include "base/rand_util.h" 11 #include "base/strings/string_number_conversions.h" 12 13 namespace remoting { 14 15 namespace { 16 17 // 5 digits means 100K possible host secrets with uniform distribution, which 18 // should be enough for short-term passwords, given that we rate-limit guesses 19 // in the cloud and expire access codes after a small number of attempts. 20 const int kHostSecretLength = 5; 21 const char kHostSecretAlphabet[] = "0123456789"; 22 23 // Generates cryptographically strong random number in the range [0, max). 24 int CryptoRandomInt(int max) { 25 uint32 random_int32; 26 base::RandBytes(&random_int32, sizeof(random_int32)); 27 return random_int32 % max; 28 } 29 30 } // namespace 31 32 std::string GenerateSupportHostSecret() { 33 std::string result; 34 int alphabet_size = strlen(kHostSecretAlphabet); 35 result.resize(kHostSecretLength); 36 for (int i = 0; i < kHostSecretLength; ++i) { 37 result[i] = kHostSecretAlphabet[CryptoRandomInt(alphabet_size)]; 38 } 39 return result; 40 } 41 42 } // namespace remoting 43
