Permalink
Browse files

Use rand.Reader directly instead of relying upon uuid

uuid did some bit manipulation so actually only guaranteed 122 bits of random data. This change gets us the full 128 bits.
  • Loading branch information...
brycekahle committed Jul 25, 2017
1 parent 30b564f commit a63777686e70587831cabca1e69a2670119553b9
Showing with 7 additions and 4 deletions.
  1. +7 −4 crypto/crypto.go
View
@@ -1,16 +1,19 @@
package crypto
import (
"crypto/rand"
"encoding/base64"
"io"
"strings"
"github.com/pborman/uuid"
)
// SecureToken creates a new random token
func SecureToken() string {
token := uuid.NewRandom()
return removePadding(base64.URLEncoding.EncodeToString([]byte(token)))
b := make([]byte, 16)
if _, err := io.ReadFull(rand.Reader, b); err != nil {
panic(err.Error()) // rand should never fail
}
return removePadding(base64.URLEncoding.EncodeToString(b))
}
func removePadding(token string) string {

0 comments on commit a637776

Please sign in to comment.