Bug #20512: Use a proper CSPRNG to generate API tokens - Rudder - Issue Tracker

Actions

Copy link

Bug #20512

closed

Use a proper CSPRNG to generate API tokens

Added by Alexis Mousset almost 3 years ago. Updated over 1 year ago.

Status:

Released

Priority:

N/A

Assignee:

François ARMAND

Category:

Security

Target version:

6.1.19

Pull Request:

https://github.com/Normation/rudder/p...

Severity:

UX impact:

User visibility:

Effort required:

Priority:

Name check:

To do

Fix check:

Checked

Regression:

Description

We currently use scala.util.Random (which is actually based on java.util.Random) but it is not suitable for such use cases, we should really use a CSPRNG here, like java.security.SecureRandom.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #20512

Use a proper CSPRNG to generate API tokens

Updated by Alexis Mousset almost 3 years ago

Updated by Alexis Mousset almost 3 years ago

Updated by Alexis Mousset almost 3 years ago

Updated by Alexis Mousset almost 3 years ago

Updated by Alexis Mousset almost 3 years ago

Updated by Vincent MEMBRÉ over 2 years ago

Updated by Alexis Mousset over 1 year ago