From d373081db15ff09b5f5e1480c0f6cf1d36fdf488 Mon Sep 17 00:00:00 2001
From: David Baker <dave@matrix.org>
Date: Thu, 5 Oct 2023 17:32:43 +0100
Subject: [PATCH] Generate call passwords with secure RNG

---
 src/matrix-utils.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/matrix-utils.ts b/src/matrix-utils.ts
index 471df590..475a85d0 100644
--- a/src/matrix-utils.ts
+++ b/src/matrix-utils.ts
@@ -28,7 +28,7 @@ import {
   GroupCallIntent,
   GroupCallType,
 } from "matrix-js-sdk/src/webrtc/groupCall";
-import { randomString } from "matrix-js-sdk/src/randomstring";
+import { encodeUnpaddedBase64 } from "matrix-js-sdk/src/common-crypto/base64";
 
 import type { MatrixClient } from "matrix-js-sdk/src/client";
 import type { Room } from "matrix-js-sdk/src/models/room";
@@ -74,6 +74,12 @@ function waitForSync(client: MatrixClient) {
   });
 }
 
+function secureRandomString(entropyBytes: number): string {
+  const key = new Uint8Array(entropyBytes);
+  crypto.getRandomValues(key);
+  return encodeUnpaddedBase64(key);
+}
+
 /**
  * Initialises and returns a new standalone Matrix Client.
  * If true is passed for the 'restore' parameter, a check will be made
@@ -347,7 +353,7 @@ export async function createRoom(
 
   let password;
   if (e2ee) {
-    password = randomString(32);
+    password = secureRandomString(16);
     setLocalStorageItem(
       getRoomSharedKeyLocalStorageKey(result.room_id),
       password