Passphrase, Password: Implemented secure random (#4320)
* Passphrase, Password: Implemented secure random * Passphrase, Password: Simpler variant of the secure random function * Passphrase: Removed the initial secure random function * Passphrase: moved the random generator to its own `sub`master
Dragomir Ioan
Zaahir Moolla
parent
7b0f4c1fa3
commit
b34a479780
|
|
@ -4,6 +4,9 @@ package DDG::Goodie::Passphrase;
|
|||
use strict;
|
||||
use DDG::Goodie;
|
||||
|
||||
use Crypt::URandom qw( urandom );
|
||||
|
||||
|
||||
zci answer_type => 'random_passphrase';
|
||||
zci is_cached => 0;
|
||||
|
||||
|
|
@ -39,7 +42,7 @@ handle query_lc => sub {
|
|||
my @chosen_words;
|
||||
while (scalar @chosen_words < $word_count) {
|
||||
# Pick random words from the slurped array until we have enough
|
||||
push @chosen_words, $word_list[int(rand $list_size)];
|
||||
push @chosen_words, $word_list[saferandom($list_size)];
|
||||
}
|
||||
|
||||
my $phrase = join(' ', @chosen_words);
|
||||
|
|
@ -57,4 +60,9 @@ handle query_lc => sub {
|
|||
};
|
||||
};
|
||||
|
||||
sub saferandom {
|
||||
my ($range) = @_;
|
||||
return unpack("L", urandom(4)) % $range;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ package DDG::Goodie::Password;
|
|||
use strict;
|
||||
use DDG::Goodie;
|
||||
|
||||
use Crypt::URandom qw( urandom );
|
||||
|
||||
use List::MoreUtils qw( none );
|
||||
use List::Util qw( min max first );
|
||||
use Scalar::Util qw( looks_like_number );
|
||||
|
|
@ -40,6 +42,7 @@ foreach my $value (values %pw_strengths) {
|
|||
|
||||
my $strengths = join('|', keys %pw_strengths);
|
||||
|
||||
|
||||
handle remainder => sub {
|
||||
|
||||
my $query = lc(shift);
|
||||
|
|
@ -52,8 +55,6 @@ handle remainder => sub {
|
|||
|
||||
return if ($query && $query !~ /^(?<fw>\d+|$strengths|)\s*(?<sw>\d+|$strengths|)$/i);
|
||||
|
||||
srand(); # Reseed on each request.
|
||||
|
||||
my @q_words = map { lc $_ } grep { defined } ($+{'fw'}, $+{'sw'});
|
||||
|
||||
my $pw_length = first { looks_like_number($_) } @q_words;
|
||||
|
|
@ -71,7 +72,7 @@ handle remainder => sub {
|
|||
|
||||
# Generate random password of the correct length.
|
||||
while (scalar @pwgen < $pw_length) {
|
||||
push @pwgen, $list_to_use[int rand scalar @list_to_use];
|
||||
push @pwgen, $list_to_use[saferandom(scalar @list_to_use)];
|
||||
}
|
||||
if ($pw_strength ne 'low') {
|
||||
# Make sure we have the characters we want;
|
||||
|
|
@ -100,8 +101,13 @@ sub replace_inside_with {
|
|||
|
||||
# replace a random character in the original list with
|
||||
# with a randomly selected key from our hash.
|
||||
$orig->[int rand scalar @$orig] = $keys[int rand scalar @keys];
|
||||
$orig->[saferandom(scalar @$orig)] = $keys[saferandom(scalar @keys)];
|
||||
return;
|
||||
}
|
||||
|
||||
sub saferandom {
|
||||
my ($range) = @_;
|
||||
return unpack("L", urandom(4)) % $range;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
Loading…
Reference in New Issue