go-mail/random.go

// SPDX-FileCopyrightText: 2022-2023 The go-mail Authors
//
// SPDX-License-Identifier: MIT

package mail

import (
	"crypto/rand"
	"encoding/binary"
	"strings"
)

// Range of characters for the secure string generation
const cr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-"

// Bitmask sizes for the string generators (based on 93 chars total)
//
// These constants define bitmask-related values used for efficient random string generation.
// The bitmask operates over 66 possible characters, and the constants help determine the
// number of bits and indices used in the process.
const (
	// letterIdxBits: Number of bits needed to represent a letter index. We have 64 possible characters
	// which fit into 6 bits.
	letterIdxBits = 6
	// letterIdxMask: Bitmask to extract letter indices (all 1-bits for letterIdxBits).
	letterIdxMask = 1<<letterIdxBits - 1
	// letterIdxMax: The maximum number of letter indices that fit in 63 bits.
	letterIdxMax = 63 / letterIdxBits
)

// randomStringSecure returns a random string of the specified length.
//
// This function generates a cryptographically secure random string of the given length using
// the crypto/rand package. It ensures that the randomness is secure and suitable for
// cryptographic purposes. The function reads random bytes, converts them to indices within
// a character range, and builds the string. If an error occurs while reading from the random
// pool, it returns the error.
//
// Parameters:
//   - length: The length of the random string to be generated.
//
// Returns:
//   - A randomly generated string.
//   - An error if the random generation fails.
func randomStringSecure(length int) (string, error) {
	randString := strings.Builder{}
	randString.Grow(length)
	charRangeLength := len(cr)

	randPool := make([]byte, 8)
	_, err := rand.Read(randPool)
	if err != nil {
		return randString.String(), err
	}
	for idx, char, rest := length-1, binary.BigEndian.Uint64(randPool), letterIdxMax; idx >= 0; {
		if rest == 0 {
			_, err = rand.Read(randPool)
			if err != nil {
				return randString.String(), err
			}
			char, rest = binary.BigEndian.Uint64(randPool), letterIdxMax
		}
		if i := int(char & letterIdxMask); i < charRangeLength {
			randString.WriteByte(cr[i])
			idx--
		}
		char >>= letterIdxBits
		rest--
	}

	return randString.String(), nil
}
Switched copyright header from me to "The go-mail Authors" 2023-01-15 16:14:19 +01:00			`// SPDX-FileCopyrightText: 2022-2023 The go-mail Authors`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`//`
			`// SPDX-License-Identifier: MIT`

			`package mail`

			`import (`
			`"crypto/rand"`
			`"encoding/binary"`
			`"strings"`
			`)`

			`// Range of characters for the secure string generation`
Update character set and bit size for secure string generation Revised the character set to include a larger variety of symbols and adjusted the bit size calculations to correspond with the new set size. This ensures more efficient and secure random string generation by effectively utilizing the bitmask. 2024-10-07 15:03:07 +02:00			`const cr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-"`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00
			`// Bitmask sizes for the string generators (based on 93 chars total)`
Update randNum function and documentation for multiple versions Expanded randNum function comments to provide detailed behavior and usage across different Go versions. Enhanced the randomStringSecure function doc to explain its cryptographic secure implementation and error handling. 2024-10-06 17:00:49 +02:00			`//`
			`// These constants define bitmask-related values used for efficient random string generation.`
Update character set and bit size for secure string generation Revised the character set to include a larger variety of symbols and adjusted the bit size calculations to correspond with the new set size. This ensures more efficient and secure random string generation by effectively utilizing the bitmask. 2024-10-07 15:03:07 +02:00			`// The bitmask operates over 66 possible characters, and the constants help determine the`
Update randNum function and documentation for multiple versions Expanded randNum function comments to provide detailed behavior and usage across different Go versions. Enhanced the randomStringSecure function doc to explain its cryptographic secure implementation and error handling. 2024-10-06 17:00:49 +02:00			`// number of bits and indices used in the process.`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`const (`
Update character set and bit size for secure string generation Revised the character set to include a larger variety of symbols and adjusted the bit size calculations to correspond with the new set size. This ensures more efficient and secure random string generation by effectively utilizing the bitmask. 2024-10-07 15:03:07 +02:00			`// letterIdxBits: Number of bits needed to represent a letter index. We have 64 possible characters`
			`// which fit into 6 bits.`
			`letterIdxBits = 6`
Update randNum function and documentation for multiple versions Expanded randNum function comments to provide detailed behavior and usage across different Go versions. Enhanced the randomStringSecure function doc to explain its cryptographic secure implementation and error handling. 2024-10-06 17:00:49 +02:00			`// letterIdxMask: Bitmask to extract letter indices (all 1-bits for letterIdxBits).`
			`letterIdxMask = 1<<letterIdxBits - 1`
			`// letterIdxMax: The maximum number of letter indices that fit in 63 bits.`
			`letterIdxMax = 63 / letterIdxBits`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`)`

Update randNum function and documentation for multiple versions Expanded randNum function comments to provide detailed behavior and usage across different Go versions. Enhanced the randomStringSecure function doc to explain its cryptographic secure implementation and error handling. 2024-10-06 17:00:49 +02:00			`// randomStringSecure returns a random string of the specified length.`
			`//`
			`// This function generates a cryptographically secure random string of the given length using`
			`// the crypto/rand package. It ensures that the randomness is secure and suitable for`
			`// cryptographic purposes. The function reads random bytes, converts them to indices within`
			`// a character range, and builds the string. If an error occurs while reading from the random`
			`// pool, it returns the error.`
			`//`
			`// Parameters:`
			`// - length: The length of the random string to be generated.`
			`//`
			`// Returns:`
			`// - A randomly generated string.`
			`// - An error if the random generation fails.`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`func randomStringSecure(length int) (string, error) {`
			`randString := strings.Builder{}`
			`randString.Grow(length)`
			`charRangeLength := len(cr)`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`randPool := make([]byte, 8)`
			`_, err := rand.Read(randPool)`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`if err != nil {`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`return randString.String(), err`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`for idx, char, rest := length-1, binary.BigEndian.Uint64(randPool), letterIdxMax; idx >= 0; {`
			`if rest == 0 {`
			`_, err = rand.Read(randPool)`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`if err != nil {`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`return randString.String(), err`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`char, rest = binary.BigEndian.Uint64(randPool), letterIdxMax`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`
Update variable name in random.go Changed the abbreviation 'idx' to 'i' in the 'random.go' file. This change makes the variable roles much clearer and aligns the naming with Go's best practice, enhancing readability and maintainability. 2024-02-27 11:43:05 +01:00			`if i := int(char & letterIdxMask); i < charRangeLength {`
			`randString.WriteByte(cr[i])`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`idx--`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`
Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`char >>= letterIdxBits`
			`rest--`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`

Refactor variable names for better clarity Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions. 2024-02-27 11:30:09 +01:00			`return randString.String(), nil`
Replace math/rand with crypto/rand Since the Windows tests were still failing, we are replacing the random number generation with math/rand with random string generation via crypto/rand 2022-10-26 14:05:25 +02:00			`}`