From d9684bef6be88517621cf50f0f81d5709ea199d2 Mon Sep 17 00:00:00 2001 From: Jeremy Lin Date: Sat, 22 Aug 2020 16:07:53 -0700 Subject: [PATCH] Generate tokens more simply and uniformly --- Cargo.lock | 1 + Cargo.toml | 3 ++- src/crypto.rs | 16 ++++++++++------ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3a5a2b1a..b008c5d3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -153,6 +153,7 @@ dependencies = [ "once_cell", "openssl", "percent-encoding 2.1.0", + "rand 0.7.3", "regex", "reqwest", "ring", diff --git a/Cargo.toml b/Cargo.toml index 396a5e81..10876570 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -60,7 +60,8 @@ diesel_migrations = "1.4.0" # Bundled SQLite libsqlite3-sys = { version = "0.18.0", features = ["bundled"], optional = true } -# Crypto library +# Crypto-related libraries +rand = "0.7.3" ring = "0.16.15" # UUID generation diff --git a/src/crypto.rs b/src/crypto.rs index c2da8fbd..7d0440c7 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -55,17 +55,21 @@ pub fn get_random(mut array: Vec) -> Vec { } pub fn generate_token(token_size: u32) -> Result { + // A u64 can represent all whole numbers up to 19 digits long. if token_size > 19 { - err!("Generating token failed") + err!("Token size is limited to 19 digits") } - // 8 bytes to create an u64 for up to 19 token digits - let bytes = get_random(vec![0; 8]); - let mut bytes_array = [0u8; 8]; - bytes_array.copy_from_slice(&bytes); + let low: u64 = 0; + let high: u64 = 10u64.pow(token_size); - let number = u64::from_be_bytes(bytes_array) % 10u64.pow(token_size); + // Generate a random number in the range [low, high), then format it as a + // token of fixed width, left-padding with 0 as needed. + use rand::{thread_rng, Rng}; + let mut rng = thread_rng(); + let number: u64 = rng.gen_range(low, high); let token = format!("{:0size$}", number, size = token_size as usize); + Ok(token) }