johan
/
mission-control
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: use CSPRNG for password generation in install.ps1 (#424) 

Replace Get-Random (System.Random, clock-seeded) with RandomNumberGenerator in Get-RandomPassword to match the CSPRNG already used by Get-RandomHex.
This commit is contained in:
nyk 2026-03-17 12:54:55 +07:00 committed by GitHub
parent a4fefc882e
commit 00a22a2e24
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
install.ps1
View File

@ -68,7 +68,10 @@ function Test-Command { param([string]$Name) $null -ne (Get-Command $Name -Error
function Get-RandomPassword { function Get-RandomPassword {
param([int]$Length = 24) param([int]$Length = 24)
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789' $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
-join (1..$Length | ForEach-Object { $chars[(Get-Random -Maximum $chars.Length)] }) $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$bytes = New-Object byte[] $Length
$rng.GetBytes($bytes)
-join ($bytes | ForEach-Object { $chars[$_ % $chars.Length] })
} }
function Get-RandomHex { function Get-RandomHex {