Avoid modulo bias in Random::randomUInt().

This commit is contained in:
Felix Geyer 2013-10-05 14:56:18 +02:00
parent b64276c4e8
commit e087baeb48

View File

@ -21,6 +21,10 @@
#include "crypto/Crypto.h" #include "crypto/Crypto.h"
#ifndef QUINT32_MAX
#define QUINT32_MAX 4294967295U
#endif
void Random::randomize(QByteArray& ba) void Random::randomize(QByteArray& ba)
{ {
randomize(ba.data(), ba.size()); randomize(ba.data(), ba.size());
@ -38,8 +42,18 @@ QByteArray Random::randomArray(int len)
quint32 Random::randomUInt(quint32 limit) quint32 Random::randomUInt(quint32 limit)
{ {
Q_ASSERT(limit != 0);
Q_ASSERT(limit <= QUINT32_MAX);
quint32 rand; quint32 rand;
randomize(&rand, 4); const quint32 ceil = QUINT32_MAX - (QUINT32_MAX % limit) - 1;
// To avoid modulo bias:
// Make sure rand is below the largest number where rand%limit==0
do {
randomize(&rand, 4);
} while (rand > ceil);
return (rand % limit); return (rand % limit);
} }