Re: A strange function behaviour in random password generator

[Peter Stephenson <Peter.Stephenson@xxxxxxx>]

On Mon, 6 Dec 2010 14:39:41 +0100
Mikael Magnusson <mikachu@xxxxxxxxx> wrote:
> On 6 December 2010 14:15,  <nix@xxxxxxxxxxxxxxxx> wrote:
> > Hi, I have just coded a random password generator. It works good
> > but one might want to show me how to do it with rand48() as its
> > output is strange.
> >
> > The problem:
> >
> > ./random_pass.sh
> > iNkiuG
> > iNkiuG6K
> >
> > 6 first chars are the same for both passwords.
>
> > [...]
>
> > pos=$((RANDOM%$seeds_count+1))
> > MY_RCON=$(random 6)
> > MY_PASS=$(random 8)
>
> If you access $RANDOM in a subshell, the parent shell doesn't know
> about it, and next time it forks a subshell the state will be
> identical.

That's what the seed argument for rand48 is for.  Here's a function that
creates a seed in a file and always uses that file.  The new random number
is in $REPLY.  There are all sorts of possible improvements.

rand48() {
  local sfile=~/.zsh_rand48
  zmodload -i zsh/mathfunc

  if [[ ! -f $sfile ]]; then
    touch $sfile
    chmod 600 $sfile
    # Warning: this is not very random.
    # OK for pseudorandom statistics, bad for security.
    printf "%.4x%.4x%.4x\n" $RANDOM $RANDOM $RANDOM >$sfile
  fi

  local seed="$(<$sfile)"

  typeset -g REPLY=$(( rand48(seed) ))

  print $seed >$sfile
}


-- 
Peter Stephenson <pws@xxxxxxx>            Software Engineer
Tel: +44 (0)1223 692070                   Cambridge Silicon Radio Limited
Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, UK


Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom