diff --git a/common/crypto/auth.go b/common/crypto/auth.go
index b06a2d17dc5..e4aac947c3f 100644
--- a/common/crypto/auth.go
+++ b/common/crypto/auth.go
@@ -2,8 +2,8 @@ package crypto
 
 import (
 	"crypto/cipher"
+	"crypto/rand"
 	"io"
-	"math/rand"
 
 	"github.com/v2fly/v2ray-core/v5/common"
 	"github.com/v2fly/v2ray-core/v5/common/buf"
@@ -262,7 +262,8 @@ func (w *AuthenticationWriter) seal(b []byte) (*buf.Buffer, error) {
 		return nil, err
 	}
 	if paddingSize > 0 {
-		// With size of the chunk and padding length encrypted, the content of padding doesn't matter much.
+		// These paddings will send in clear text.
+		// To avoid leakage of PRNG internal state, a cryptographically secure PRNG should be used.
 		paddingBytes := eb.Extend(paddingSize)
 		common.Must2(rand.Read(paddingBytes))
 	}
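Review bot: `common.Must2(rand.Read(paddingBytes))` turns a failure of the system CSPRNG into a panic inside seal, although the function already has an error path two lines above (`return nil, err`); `if _, err := rand.Read(paddingBytes); err != nil { return nil, err }` keeps the handling consistent and lets the caller decide, and whether crypto/rand.Read can fail at all depends on the Go version the project builds with. The new comment reads awkwardly; `// These padding bytes are sent in clear text, so a cryptographically secure source is required: math/rand output would let an observer recover the generator state and predict its other outputs.` states the reasoning more directly. Because the identifier `rand` now resolves to crypto/rand for the whole file, any other `rand.` call outside this hunk (if one exists) must be updated as well, which I cannot verify from here. seal's body begins before and ends after this hunk.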