Use SecureRandom for OpenVPN management password [VPNWIN-1472]

ProtonVPN · May 10, 2023 · 04bfc6a · 04bfc6a
1 parent 4e44fc7
commit 04bfc6a
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 12 deletions.
diff --git a/...ProtonVPN.Common/Helpers/RandomStrings.cs → src/ProtonVPN.Crypto/RandomStrings.cs b/...ProtonVPN.Common/Helpers/RandomStrings.cs → src/ProtonVPN.Crypto/RandomStrings.cs
@@ -18,24 +18,26 @@
  */
 
 using System;
+using Org.BouncyCastle.Security;
 
-namespace ProtonVPN.Common.Helpers
+namespace ProtonVPN.Crypto
 {
-    /// <summary>
-    /// Generates random alphanumeric strings.
-    /// </summary>
+    /// <summary> Generates random alphanumeric strings. </summary>
     public class RandomStrings
     {
-        private readonly Random _random = new Random();
+        private readonly SecureRandom _random = new();
 
         public string RandomString(int length)
         {
-            Ensure.IsTrue(length >= 0);
+            if (length < 0)
+            {
+                throw new ArgumentException($"RandomString length can't be a negative number but is {length}.");
+            }
 
             const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-            var randomChars = new char[length];
+            char[] randomChars = new char[length];
 
-            for (var i = 0; i < randomChars.Length; i++)
+            for (int i = 0; i < randomChars.Length; i++)
             {
                 randomChars[i] = chars[_random.Next(chars.Length)];
             }

diff --git a/src/ProtonVPN.Vpn/Connection/OpenVpnConnection.cs b/src/ProtonVPN.Vpn/Connection/OpenVpnConnection.cs
@@ -25,7 +25,6 @@
 using System.Threading.Tasks;
 using ProtonVPN.Common;
 using ProtonVPN.Common.Configuration;
-using ProtonVPN.Common.Helpers;
 using ProtonVPN.Common.Logging;
 using ProtonVPN.Common.Logging.Categorization.Events.ConnectionLogs;
 using ProtonVPN.Common.Logging.Categorization.Events.ConnectLogs;
@@ -34,6 +33,7 @@
 using ProtonVPN.Common.OS.Net;
 using ProtonVPN.Common.Threading;
 using ProtonVPN.Common.Vpn;
+using ProtonVPN.Crypto;
 using ProtonVPN.Vpn.Common;
 using ProtonVPN.Vpn.Management;
 using ProtonVPN.Vpn.OpenVpn;

diff --git a/src/Tests/ProtonVPN.Crypto.Tests/ProtonVPN.Crypto.Tests.csproj b/src/Tests/ProtonVPN.Crypto.Tests/ProtonVPN.Crypto.Tests.csproj
@@ -12,6 +12,7 @@
     <ProjectReference Include="..\..\ProtonVPN.Crypto\ProtonVPN.Crypto.csproj" />
   </ItemGroup>
   <ItemGroup>
+    <PackageReference Include="FluentAssertions" Version="6.7.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.4.0" />
     <PackageReference Include="MSTest.TestAdapter">
       <Version>2.2.10</Version>

diff --git a/...Common.Tests/Helpers/RandomStringsTest.cs → ...otonVPN.Crypto.Tests/RandomStringsTest.cs b/...Common.Tests/Helpers/RandomStringsTest.cs → ...otonVPN.Crypto.Tests/RandomStringsTest.cs
@@ -20,17 +20,16 @@
 using System;
 using FluentAssertions;
 using Microsoft.VisualStudio.TestTools.UnitTesting;
-using ProtonVPN.Common.Helpers;
 
-namespace ProtonVPN.Common.Tests.Helpers
+namespace ProtonVPN.Crypto.Tests
 {
     [TestClass]
     public class ManagementPasswordsTest
     {
         [DataTestMethod]
         [DataRow(0)]
         [DataRow(1)]
-        [DataRow(10)]
+        [DataRow(16)]
         public void Password_ShouldHave_CorrectLength(int length)
         {
             // Arrange