rclone/lib/random/random.go

// Package random holds a few functions for working with random numbers
package random

import (
	cryptorand "crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"fmt"
	mathrand "math/rand"
)

// StringFn create a random string for test purposes using the random
// number generator function passed in.
//
// Do not use these for passwords.
func StringFn(n int, randIntn func(n int) int) string {
	const (
		vowel     = "aeiou"
		consonant = "bcdfghjklmnpqrstvwxyz"
		digit     = "0123456789"
	)
	pattern := []string{consonant, vowel, consonant, vowel, consonant, vowel, consonant, digit}
	out := make([]byte, n)
	p := 0
	for i := range out {
		source := pattern[p]
		p = (p + 1) % len(pattern)
		out[i] = source[randIntn(len(source))]
	}
	return string(out)
}

// String create a random string for test purposes.
//
// Do not use these for passwords.
func String(n int) string {
	return StringFn(n, mathrand.Intn)
}

// Password creates a crypto strong password which is just about
// memorable.  The password is composed of printable ASCII characters
// from the base64 alphabet.
//
// Requires password strength in bits.
// 64 is just about memorable
// 128 is secure
func Password(bits int) (password string, err error) {
	bytes := bits / 8
	if bits%8 != 0 {
		bytes++
	}
	var pw = make([]byte, bytes)
	n, err := cryptorand.Read(pw)
	if err != nil {
		return "", fmt.Errorf("password read failed: %w", err)
	}
	if n != bytes {
		return "", fmt.Errorf("password short read: %d", n)
	}
	password = base64.RawURLEncoding.EncodeToString(pw)
	return password, nil
}

// Seed the global math/rand with crypto strong data
//
// This doesn't make it OK to use math/rand in crypto sensitive
// environments - don't do that! However it does help to mitigate the
// problem if that happens accidentally. This would have helped with
// CVE-2020-28924 - #4783
func Seed() error {
	var seed int64
	err := binary.Read(cryptorand.Reader, binary.LittleEndian, &seed)
	if err != nil {
		return fmt.Errorf("failed to read random seed: %w", err)
	}
	mathrand.Seed(seed)
	return nil
}
lib/random: unify random string generation into random.String This was factored from fstest as we were including the testing enviroment into the main binary because of it. This was causing opening the browser to fail because of 8243ff8bc8. 2019-08-06 13:44:08 +02:00			`// Package random holds a few functions for working with random numbers`
			`package random`

Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`import (`
random: fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924 For implications see the linked issue. Fixes #4783 2020-11-18 13:03:01 +01:00			`cryptorand "crypto/rand"`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`"encoding/base64"`
random: seed math/rand in one place with crypto strong seed #4783 This shouldn't be read as encouraging the use of math/rand instead of crypto/rand in security sensitive contexts, rather as a safer default if that does happen by accident. 2020-11-18 15:02:53 +01:00			`"encoding/binary"`
Remove github.com/pkg/errors and replace with std library version This is possible now that we no longer support go1.12 and brings rclone into line with standard practices in the Go world. This also removes errors.New and errors.Errorf from lib/errors and prefers the stdlib errors package over lib/errors. 2021-11-04 11:12:57 +01:00			`"fmt"`
random: fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924 For implications see the linked issue. Fixes #4783 2020-11-18 13:03:01 +01:00			`mathrand "math/rand"`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`)`

test makefiles: add --seed flag and make data generated repeatable #5214 2021-04-10 14:42:17 +02:00			`// StringFn create a random string for test purposes using the random`
			`// number generator function passed in.`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`//`
			`// Do not use these for passwords.`
test makefiles: add --seed flag and make data generated repeatable #5214 2021-04-10 14:42:17 +02:00			`func StringFn(n int, randIntn func(n int) int) string {`
lib/random: unify random string generation into random.String This was factored from fstest as we were including the testing enviroment into the main binary because of it. This was causing opening the browser to fail because of 8243ff8bc8. 2019-08-06 13:44:08 +02:00			`const (`
			`vowel = "aeiou"`
			`consonant = "bcdfghjklmnpqrstvwxyz"`
			`digit = "0123456789"`
			`)`
			`pattern := []string{consonant, vowel, consonant, vowel, consonant, vowel, consonant, digit}`
			`out := make([]byte, n)`
			`p := 0`
			`for i := range out {`
			`source := pattern[p]`
			`p = (p + 1) % len(pattern)`
test makefiles: add --seed flag and make data generated repeatable #5214 2021-04-10 14:42:17 +02:00			`out[i] = source[randIntn(len(source))]`
lib/random: unify random string generation into random.String This was factored from fstest as we were including the testing enviroment into the main binary because of it. This was causing opening the browser to fail because of 8243ff8bc8. 2019-08-06 13:44:08 +02:00			`}`
			`return string(out)`
			`}`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00
test makefiles: add --seed flag and make data generated repeatable #5214 2021-04-10 14:42:17 +02:00			`// String create a random string for test purposes.`
			`//`
			`// Do not use these for passwords.`
			`func String(n int) string {`
			`return StringFn(n, mathrand.Intn)`
			`}`

Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`// Password creates a crypto strong password which is just about`
			`// memorable. The password is composed of printable ASCII characters`
			`// from the base64 alphabet.`
			`//`
Spelling fixes Fix spelling of: above, already, anonymous, associated, authentication, bandwidth, because, between, blocks, calculate, candidates, cautious, changelog, cleaner, clipboard, command, completely, concurrently, considered, constructs, corrupt, current, daemon, dependencies, deprecated, directory, dispatcher, download, eligible, ellipsis, encrypter, endpoint, entrieslist, essentially, existing writers, existing, expires, filesystem, flushing, frequently, hierarchy, however, implementation, implements, inaccurate, individually, insensitive, longer, maximum, metadata, modified, multipart, namedirfirst, nextcloud, obscured, opened, optional, owncloud, pacific, passphrase, password, permanently, persimmon, positive, potato, protocol, quota, receiving, recommends, referring, requires, revisited, satisfied, satisfies, satisfy, semver, serialized, session, storage, strategies, stringlist, successful, supported, surprise, temporarily, temporary, transactions, unneeded, update, uploads, wrapped Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> 2020-10-09 02:17:24 +02:00			`// Requires password strength in bits.`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`// 64 is just about memorable`
			`// 128 is secure`
			`func Password(bits int) (password string, err error) {`
			`bytes := bits / 8`
			`if bits%8 != 0 {`
			`bytes++`
			`}`
			`var pw = make([]byte, bytes)`
random: fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924 For implications see the linked issue. Fixes #4783 2020-11-18 13:03:01 +01:00			`n, err := cryptorand.Read(pw)`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`if err != nil {`
Remove github.com/pkg/errors and replace with std library version This is possible now that we no longer support go1.12 and brings rclone into line with standard practices in the Go world. This also removes errors.New and errors.Errorf from lib/errors and prefers the stdlib errors package over lib/errors. 2021-11-04 11:12:57 +01:00			`return "", fmt.Errorf("password read failed: %w", err)`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`}`
			`if n != bytes {`
Remove github.com/pkg/errors and replace with std library version This is possible now that we no longer support go1.12 and brings rclone into line with standard practices in the Go world. This also removes errors.New and errors.Errorf from lib/errors and prefers the stdlib errors package over lib/errors. 2021-11-04 11:12:57 +01:00			`return "", fmt.Errorf("password short read: %d", n)`
Review random string/password generation - factor password generation into lib/random.Password - call from appropriate places - choose appropriate use of random.String vs random.Password 2019-08-25 09:39:31 +02:00			`}`
			`password = base64.RawURLEncoding.EncodeToString(pw)`
			`return password, nil`
			`}`
random: seed math/rand in one place with crypto strong seed #4783 This shouldn't be read as encouraging the use of math/rand instead of crypto/rand in security sensitive contexts, rather as a safer default if that does happen by accident. 2020-11-18 15:02:53 +01:00
			`// Seed the global math/rand with crypto strong data`
			`//`
			`// This doesn't make it OK to use math/rand in crypto sensitive`
			`// environments - don't do that! However it does help to mitigate the`
			`// problem if that happens accidentally. This would have helped with`
			`// CVE-2020-28924 - #4783`
			`func Seed() error {`
			`var seed int64`
			`err := binary.Read(cryptorand.Reader, binary.LittleEndian, &seed)`
			`if err != nil {`
Remove github.com/pkg/errors and replace with std library version This is possible now that we no longer support go1.12 and brings rclone into line with standard practices in the Go world. This also removes errors.New and errors.Errorf from lib/errors and prefers the stdlib errors package over lib/errors. 2021-11-04 11:12:57 +01:00			`return fmt.Errorf("failed to read random seed: %w", err)`
random: seed math/rand in one place with crypto strong seed #4783 This shouldn't be read as encouraging the use of math/rand instead of crypto/rand in security sensitive contexts, rather as a safer default if that does happen by accident. 2020-11-18 15:02:53 +01:00			`}`
			`mathrand.Seed(seed)`
			`return nil`
			`}`