Security: use SecureRandom for a much better random generator - Kernel.rand is just crap

author: mh <mh@immerda.ch> 2012-12-25 20:34:48 +0100
committer: mh <mh@immerda.ch> 2012-12-25 20:34:48 +0100
commit: b8ae474b152e07e090a5a63e75a0e99e9a00e21e (patch)
tree: 1224f2024d0f85baf854a6979765b620e455d6e2 /lib
parent: 44d0c214e7d66d617034f4b1e1da726714eada52 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/trocla/util.rb b/lib/trocla/util.rb
index 3461bb2..2b1c6c6 100644
--- a/lib/trocla/util.rb
+++ b/lib/trocla/util.rb
@@ -1,12 +1,13 @@
+require 'securerandom'
 class Trocla
   class Util
     class << self
       def random_str(length=12)
-        (1..length).collect{|a| chars[rand(chars.size)] }.join.to_s
+        (1..length).collect{|a| chars[SecureRandom.random_number(chars.size)] }.join.to_s
       end
 
       def salt(length=8)
-        (1..length).collect{|a| normal_chars[rand(normal_chars.size)] }.join.to_s
+        (1..length).collect{|a| normal_chars[SecureRandom.random_number(normal_chars.size)] }.join.to_s
       end
 
       private
author	mh <mh@immerda.ch>	2012-12-25 20:34:48 +0100
committer	mh <mh@immerda.ch>	2012-12-25 20:34:48 +0100
commit	b8ae474b152e07e090a5a63e75a0e99e9a00e21e (patch)
tree	1224f2024d0f85baf854a6979765b620e455d6e2 /lib
parent	44d0c214e7d66d617034f4b1e1da726714eada52 (diff)