cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists

Feature Proposal: Add a function to generate a cryptographically secure random string

Motivation

Currently we use perl's rand() function to generate strings where needed. It's used in several places in core, including password salt, registration tokens, etc. This is not aligned with best practices. Rather than implement a string generator in multiple places, add it to Foswiki.pm

It might be useful to expose this in Foswiki::Func. However as the source of entropy for strong random strings is limited, it might be best to reserve it for use where truly required.

Description and Documentation

Add Foswiki::randomString( length, from-characters). It would use CPAN:Bytes::Random::Secure to return a string of the requested length. If the dependency is missing, it falls back to the original Foswiki/TWiki algorithm.

Use this function anywhere random strings are required including
  • password salt
  • registration token
  • validation token
  • request cache

Examples

Impact

It's possible to deplete system entropy if re-seeded too frequently. The default is to use dev/urandom on *nix systems to avoid blocking on insufficient entropy. The code should load on demand to minimize seeding the RNG when not required.

%WHATDOESITAFFECT%
edit

Implementation

-- Contributors: GeorgeClark - 30 Sep 2017

Discussion

Changes are all checked into the Item14506 branch. Awaiting merge.

-- GeorgeClark - 05 Dec 2017
 
Topic revision: r5 - 06 Feb 2018, GeorgeClark - This page was cached on 21 Sep 2018 - 19:26.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy