Spaces:
Sleeping
Sleeping
nyk commited on
fix: use CSPRNG for password generation in install.ps1 (#424)
Browse filesReplace Get-Random (System.Random, clock-seeded) with RandomNumberGenerator in Get-RandomPassword to match the CSPRNG already used by Get-RandomHex.
- install.ps1 +4 -1
install.ps1
CHANGED
|
@@ -68,7 +68,10 @@ function Test-Command { param([string]$Name) $null -ne (Get-Command $Name -Error
|
|
| 68 |
function Get-RandomPassword {
|
| 69 |
param([int]$Length = 24)
|
| 70 |
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
|
| 71 |
-
|
|
|
|
|
|
|
|
|
|
| 72 |
}
|
| 73 |
|
| 74 |
function Get-RandomHex {
|
|
|
|
| 68 |
function Get-RandomPassword {
|
| 69 |
param([int]$Length = 24)
|
| 70 |
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
|
| 71 |
+
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
|
| 72 |
+
$bytes = New-Object byte[] $Length
|
| 73 |
+
$rng.GetBytes($bytes)
|
| 74 |
+
-join ($bytes | ForEach-Object { $chars[$_ % $chars.Length] })
|
| 75 |
}
|
| 76 |
|
| 77 |
function Get-RandomHex {
|