Merge branch 'release/2.1.5'

lgrahl · lgrahl · commit 04aa53fbd3f5 · 2015-12-22T12:24:05.000+01:00
diff --git a/threema/gateway/__init__.py b/threema/gateway/__init__.py
@@ -35,7 +35,7 @@
 
 __author__ = 'Lennart Grahl <lennart.grahl@threema.ch>'
 __status__ = 'Production'
-__version__ = '2.1.4'
+__version__ = '2.1.5'
 __all__ = (
     'feature_level',
     'ReceptionCapability',
diff --git a/threema/gateway/e2e.py b/threema/gateway/e2e.py
@@ -4,7 +4,6 @@
 import abc
 import enum
 import os
-import random
 import binascii
 import struct
 import mimetypes
@@ -16,7 +15,7 @@
 import libnacl.secret
 import libnacl.encode
 
-from . import ReceptionCapability
+from . import ReceptionCapability, util
 from .exception import *
 from .key import Key
 
@@ -45,7 +44,7 @@ def encrypt(private, public, data, nonce=None):
     data.
     """
     # Generate 0 < padding < 256
-    padding_length = random.randint(1, 255)
+    padding_length = util.randint(1, 255)
 
     # Add padding to the payload
     padding = bytes([padding_length] * padding_length)
diff --git a/threema/gateway/util.py b/threema/gateway/util.py
@@ -3,11 +3,14 @@
 """
 import asyncio
 
+import libnacl
+
 from .key import Key
 
 __all__ = (
     'read_key_or_key_file',
     'raise_server_error',
+    'randint',
 )
 
 
@@ -50,3 +53,13 @@ def raise_server_error(response, error):
     status = response.status
     yield from response.release()
     raise error(status)
+
+
+def randint(a, b):
+    """
+    Return a cryptographically secure random integer N such that
+    ``a <= N <= b``.
+    """
+    n = libnacl.randombytes_uniform(b) + a
+    assert a <= n <= b
+    return n
