diff options
author | Jakob Odersky <jakob@odersky.com> | 2018-06-12 15:32:16 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-12 15:32:16 -0700 |
commit | d503665c743c17b4446c1eef58ac3733af2fde85 (patch) | |
tree | bfe00b64c493ad3342fd4d1aebd9f652bdb27ec0 | |
parent | 2d2fe73a3181d05e9d6b222916c73f85b7e4ad54 (diff) | |
download | driver-core-d503665c743c17b4446c1eef58ac3733af2fde85.tar.gz driver-core-d503665c743c17b4446c1eef58ac3733af2fde85.tar.bz2 driver-core-d503665c743c17b4446c1eef58ac3733af2fde85.zip |
Improve security of generated tokens (#174)v1.11.1
Also deprecates the token generators in core.
Fixes SECURITY-29
-rw-r--r-- | src/main/scala/xyz/driver/core/generators.scala | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/src/main/scala/xyz/driver/core/generators.scala b/src/main/scala/xyz/driver/core/generators.scala index 3c85447..d57980e 100644 --- a/src/main/scala/xyz/driver/core/generators.scala +++ b/src/main/scala/xyz/driver/core/generators.scala @@ -17,17 +17,37 @@ object generators { private val random = new Random import random._ + private val secureRandom = new java.security.SecureRandom() private val DefaultMaxLength = 10 private val StringLetters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ ".toSet - private val NonAmbigiousCharacters = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789".toSet - private val Numbers = "0123456789".toSet - - private def nextTokenString(length: Int, charSet: Set[Char]): String = - List.fill(length)(oneOf(charSet)).mkString + private val NonAmbigiousCharacters = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789" + private val Numbers = "0123456789" + + private def nextTokenString(length: Int, chars: IndexedSeq[Char]): String = { + val builder = new StringBuilder + for (_ <- 0 until length) { + builder += chars(secureRandom.nextInt(chars.length)) + } + builder.result() + } + /** Creates a random invitation token. + * + * This token is meant fo human input and avoids using ambiguous characters such as 'O' and '0'. It + * therefore contains less entropy and is not meant to be used as a cryptographic secret. */ + @deprecated( + "The term 'token' is too generic and security and readability conventions are not well defined. " + + "Services should implement their own version that suits their security requirements.", + "1.11.0" + ) def nextToken(length: Int): String = nextTokenString(length, NonAmbigiousCharacters) + @deprecated( + "The term 'token' is too generic and security and readability conventions are not well defined. " + + "Services should implement their own version that suits their security requirements.", + "1.11.0" + ) def nextNumericToken(length: Int): String = nextTokenString(length, Numbers) def nextInt(maxValue: Int, minValue: Int = 0): Int = random.nextInt(maxValue - minValue) + minValue |