From 244ef0cb8f82b18c22990ece728f2e1fe8398a62 Mon Sep 17 00:00:00 2001
From: MeiMei <30769358+mei23@users.noreply.github.com>
Date: Sun, 29 Mar 2020 23:16:36 +0900
Subject: トークン系の乱数ソースではcryptoを使うように (#6200)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/misc/secure-rndstr.ts | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 src/misc/secure-rndstr.ts

(limited to 'src/misc')

diff --git a/src/misc/secure-rndstr.ts b/src/misc/secure-rndstr.ts
new file mode 100644
index 0000000000..76ee1225eb
--- /dev/null
+++ b/src/misc/secure-rndstr.ts
@@ -0,0 +1,21 @@
+import * as crypto from 'crypto';
+
+const L_CHARS = '0123456789abcdefghijklmnopqrstuvwxyz';
+const LU_CHARS = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+
+export function secureRndstr(length = 32, useLU = true): string {
+	const chars = useLU ? LU_CHARS : L_CHARS;
+	const chars_len = chars.length;
+
+	let str = '';
+
+	for (let i = 0; i < length; i++) {
+		let rand = Math.floor((crypto.randomBytes(1).readUInt8(0) / 0xFF) * chars_len);
+		if (rand === chars_len) {
+			rand = chars_len - 1;
+		}
+		str += chars.charAt(rand);
+	}
+
+	return str;
+}
-- 
cgit v1.2.3-freya