Adding more randomised token generation logic

- Added shuffling logic by each byte after generating token

https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/commit/c5711fd40dfbcaa3e47a6ac06ab08efd84ca66f2
(cherry picked from c5711fd40dfbcaa3e47a6ac06ab08efd84ca66f2)

Change-Id: I941397f2a5b6452299c9e80649d0de0efc4cdd7a
Signed-off-by: Samanway Dey <samanway.dey@samsung.com>
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>

diff --git a/resource/c_common/ocrandom/src/ocrandom.c b/resource/c_common/ocrandom/src/ocrandom.c
index 631906c..97fe7be 100644 (file)
--- a/resource/c_common/ocrandom/src/ocrandom.c
+++ b/resource/c_common/ocrandom/src/ocrandom.c
@@ -195,6 +195,39 @@ void OCFillRandomMem(uint8_t * location, uint16_t len)
     {
         *location++ = OCGetRandomByte();
     }
+    uint8_t *temp = (char *) OICCalloc(len, sizeof(char));
+    int *mask = (int *) OICCalloc(len, sizeof(int));
+    int i, j, rand_idx;
+    for (i = 0; i < len; i++)
+    {
+        mask[i] = 0;
+    }
+    j = 0;
+    for (i = 0; i < len; i++)
+    {
+        rand_idx = lrand48() % len;
+        while((rand_idx < len) && (mask[rand_idx] != 0))
+        {
+            rand_idx++;
+        }
+        if(rand_idx == len)
+        {
+            rand_idx = 0;
+            while(mask[rand_idx] != 0)
+            {
+                rand_idx++;
+            }
+        }
+        temp[rand_idx] = location[j];
+        mask[rand_idx] = 1;
+        j++;
+    }
+    for (i = 0; i < len; i++)
+    {
+        location[i] = temp[i];
+    }
+    OICFree(temp);
+    OICFree(mask);
 }
 
 uint32_t OCGetRandom()

diff --git a/resource/csdk/connectivity/src/caprotocolmessage.c b/resource/csdk/connectivity/src/caprotocolmessage.c
index ff29b33..0ab1ae7 100755 (executable)
--- a/resource/csdk/connectivity/src/caprotocolmessage.c
+++ b/resource/csdk/connectivity/src/caprotocolmessage.c
@@ -1058,7 +1058,6 @@ CAResult_t CAGenerateTokenInternal(CAToken_t *token, uint8_t tokenLength)
 
     OIC_LOG_V(DEBUG, TAG, "token len:%d, token:", tokenLength);
     OIC_LOG_BUFFER(DEBUG, TAG, (const uint8_t *)(*token), tokenLength);
-
     return CA_STATUS_OK;
 }