From f198ccb37f6980766b314e27795a509fe518fba2 Mon Sep 17 00:00:00 2001
From: Stephen Cuppett
Date: Mon, 1 Jan 2024 07:41:39 -0500
Subject: [PATCH] Avoid math/rand and shuffle using crypto/rand
---
 api/v1alpha1/common.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/api/v1alpha1/common.go b/api/v1alpha1/common.go
index 8b1a469..2707c50 100644
--- a/api/v1alpha1/common.go
+++ b/api/v1alpha1/common.go
@@ -23,7 +23,6 @@ import (
 v1 "k8s.io/api/core/v1"
 "k8s.io/apimachinery/pkg/types"
 "math/big"
- mrand "math/rand"
 "sigs.k8s.io/controller-runtime/pkg/client"
 "strings"
 )
@@ -148,9 +147,12 @@ func GeneratePassword(passwordLength, minSpecialChar, minNum, minUpperCase int)
 random, _ := rand.Int(rand.Reader, big.NewInt(int64(len(allCharSet))))
 password.WriteString(string(allCharSet[random.Int64()]))
 }
+
 inRune := []rune(password.String())
- mrand.Shuffle(len(inRune), func(i, j int) {
- inRune[i], inRune[j] = inRune[j], inRune[i]
- })
+ // Reorder the password randomly
+ for i := range inRune {
+ j, _ := rand.Int(rand.Reader, big.NewInt(int64(len(inRune))))
+ inRune[i], inRune[j.Int64()] = inRune[j.Int64()], inRune[i]
+ }
 return string(inRune)
 }
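Review bot: The new shuffle loop in the second hunk draws `j` from the full range `[0, len(inRune))` on every iteration, which is the naive swap-with-any-index shuffle and does not yield a uniform permutation, so the CSPRNG's quality is partly wasted on a biased ordering. A Fisher–Yates step draws only from the not-yet-fixed tail: `j, err := rand.Int(rand.Reader, big.NewInt(int64(len(inRune)-i)))` followed by `k := i + int(j.Int64()); inRune[i], inRune[k] = inRune[k], inRune[i]`. The error from `rand.Int` is also discarded with `_`, and a nil `j` would be dereferenced at `j.Int64()` if the reader ever failed; the context line `random, _ := rand.Int(...)` above has the same pattern. GeneratePassword begins outside the hunk, so how a failure should be surfaced to callers (the signature visible in the hunk header shows no error return) needs to be decided against the full function.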