--- a/auth/session.go	Fri Aug 03 22:20:06 2018 +0200
+++ b/auth/session.go	Sun Aug 05 15:35:29 2018 +0200
@@ -1,10 +1,11 @@
 package auth
 
 import (
-	"crypto/rand"
 	"encoding/base64"
 	"io"
 	"time"
+
+	"gemma.intevation.de/gemma/misc"
 )
 
 type Roles []string
@@ -42,45 +43,38 @@
 }
 
 func (s *Session) serialize(w io.Writer) error {
-	wr := binWriter{w: w}
-	wr.write(s.ExpiresAt)
-	wr.writeString(s.User)
-	wr.writeString(s.Password)
-	wr.write(uint32(len(s.Roles)))
+	wr := misc.BinWriter{W: w}
+	wr.Write(s.ExpiresAt)
+	wr.WriteString(s.User)
+	wr.WriteString(s.Password)
+	wr.Write(uint32(len(s.Roles)))
 	for _, role := range s.Roles {
-		wr.writeString(role)
+		wr.WriteString(role)
 	}
-	return wr.err
+	return wr.Err
 }
 
 func (s *Session) deserialize(r io.Reader) error {
 	var x Session
 	var n uint32
-	rd := binReader{r: r}
-	rd.read(&x.ExpiresAt)
-	rd.readString(&x.User)
-	rd.readString(&x.Password)
-	rd.read(&n)
+	rd := misc.BinReader{R: r}
+	rd.Read(&x.ExpiresAt)
+	rd.ReadString(&x.User)
+	rd.ReadString(&x.Password)
+	rd.Read(&n)
 	x.Roles = make(Roles, n)
 	for i := uint32(0); n > 0 && i < n; i++ {
-		rd.readString(&x.Roles[i])
+		rd.ReadString(&x.Roles[i])
 	}
-	if rd.err == nil {
+	if rd.Err == nil {
 		*s = x
 	}
-	return rd.err
+	return rd.Err
 }
 
 func GenerateSessionKey() string {
-	return base64.URLEncoding.EncodeToString(GenerateRandomKey(sessionKeyLength))
-}
-
-func GenerateRandomKey(length int) []byte {
-	k := make([]byte, length)
-	if _, err := io.ReadFull(rand.Reader, k); err != nil {
-		return nil
-	}
-	return k
+	return base64.URLEncoding.EncodeToString(
+		misc.GenerateRandomKey(sessionKeyLength))
 }
 
 func GenerateSession(user, password string) (string, *Session, error) {