ruby-changes:48183
From: akr <ko1@a...>
Date: Sun, 22 Oct 2017 00:21:31 +0900 (JST)
Subject: [ruby-changes:48183] akr:r60297 (trunk): SecureRandom.alphanumeric implemented.
akr 2017-10-22 00:21:26 +0900 (Sun, 22 Oct 2017) New Revision: 60297 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=60297 Log: SecureRandom.alphanumeric implemented. [ruby-core:68098] [Feature #10849] proposed by Andrew Butterfield. SecureRandom.choose and SecureRandom.graph is not included. (The implementation has SecureRandom.choose but it is private.) I feel the method name, SecureRandom.choose, doesn't represent the behavior well. The actual use cases of SecureRandom.graph is not obvious. Modified files: trunk/NEWS trunk/lib/securerandom.rb trunk/test/test_securerandom.rb Index: test/test_securerandom.rb =================================================================== --- test/test_securerandom.rb (revision 60296) +++ test/test_securerandom.rb (revision 60297) @@ -143,6 +143,13 @@ end https://github.com/ruby/ruby/blob/trunk/test/test_securerandom.rb#L143 assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid) end + def test_alphanumeric + 65.times do |idx| + an = @it.alphanumeric + assert_match(/^[0-9a-zA-Z]+$/, an) + end + end + def protect begin yield Index: NEWS =================================================================== --- NEWS (revision 60296) +++ NEWS (revision 60297) @@ -191,6 +191,10 @@ with all sufficient information, see the https://github.com/ruby/ruby/blob/trunk/NEWS#L191 * http://blog.rubygems.org/2017/08/27/2.6.13-released.html * http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html +* SecureRandom + * New methods: + * SecureRandom.alphanumeric + * Set * Add Set#to_s as alias to #inspect [Feature #13676] * Add Set#=== as alias to #include? [Feature #13801] Index: lib/securerandom.rb =================================================================== --- lib/securerandom.rb (revision 60296) +++ lib/securerandom.rb (revision 60297) @@ -222,10 +222,50 @@ module Random::Formatter https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L222 "%08x-%04x-%04x-%04x-%04x%08x" % ary end - private - def gen_random(n) + private def gen_random(n) self.bytes(n) end + + # SecureRandom.choose generates a string that randomly draws from a + # source array of characters. + # + # The argument _source_ specifies the array of characters from which + # to generate the string. + # The argument _n_ specifies the length, in characters, of the string to be + # generated. + # + # The result may contain whatever characters are in the source array. + # + # p SecureRandom.choose([*'l'..'r']) #=> "lmrqpoonmmlqlron" + # p SecureRandom.choose([*'0'..'9'], 5) #=> "27309" + # + # If a secure random number generator is not available, + # +NotImplementedError+ is raised. + private def choose(source, n) + size = source.size + n.times.map {source[random_number(size)]}.join('') + end + + ALPHANUMERIC = [*'A'..'Z', *'a'..'z', *'0'..'9'] + # SecureRandom.alphanumeric generates a random alphanumeric string. + # + # The argument _n_ specifies the length, in characters, of the alphanumeric + # string to be generated. + # + # If _n_ is not specified or is nil, 16 is assumed. + # It may be larger in the future. + # + # The result may contain A-Z, a-z and 0-9. + # + # p SecureRandom.alphanumeric #=> "2BuBuLf3WfSKyQbR" + # p SecureRandom.alphanumeric(10) #=> "i6K93NdqiH" + # + # If a secure random number generator is not available, + # +NotImplementedError+ is raised. + def alphanumeric(n=nil) + n = 16 if n.nil? + choose(ALPHANUMERIC, n) + end end SecureRandom.extend(Random::Formatter) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/