Skip to content

Commit

Permalink
Avoid math/rand and shuffle using crypto/rand
Browse files Browse the repository at this point in the history
  • Loading branch information
@cuppett
cuppett committed Jan 1, 2024
1 parent 79510f9 commit f198ccb
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions api/v1alpha1/common.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ import (
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
"math/big"
mrand "math/rand"
"sigs.k8s.io/controller-runtime/pkg/client"
"strings"
)
Expand Down Expand Up @@ -148,9 +147,12 @@ func GeneratePassword(passwordLength, minSpecialChar, minNum, minUpperCase int)
random, _ := rand.Int(rand.Reader, big.NewInt(int64(len(allCharSet))))
password.WriteString(string(allCharSet[random.Int64()]))
}

inRune := []rune(password.String())
mrand.Shuffle(len(inRune), func(i, j int) {
inRune[i], inRune[j] = inRune[j], inRune[i]
})
// Reorder the password randomly
for i := range inRune {
j, _ := rand.Int(rand.Reader, big.NewInt(int64(len(inRune))))
inRune[i], inRune[j.Int64()] = inRune[j.Int64()], inRune[i]
}
return string(inRune)
}

0 comments on commit f198ccb

Please sign in to comment.