python: Use standard secrets module to generate random tokens.

There are three functional side effects: • Correct an insignificant but mathematically offensive bias toward repeated characters in generate_api_key introduced in commit 47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased from 190.52864 bits to 190.53428 bits. • Use the base32 alphabet in confirmation.models.generate_key; its entropy is reduced from 124.07820 bits to the documented 120 bits, but now it uses 1 syscall instead of 24. • Use the base32 alphabet in get_bigbluebutton_url; its entropy is reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall instead of 10. (The base32 alphabet is A-Z 2-7. We could probably replace all of these with plain secrets.token_urlsafe, since I expect most callers can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without problems.) Signed-off-by: Anders Kaseorg <anders@zulip.com>
2025-11-02 21:13:36 +00:00 · 2020-09-04 19:02:13 -07:00
parent 56546170cf
commit b7b7475672
20 changed files with 51 additions and 57 deletions
--- a/zerver/lib/email_mirror.py
+++ b/zerver/lib/email_mirror.py
@@ -1,5 +1,6 @@
 import logging
 import re
+import secrets
 from email.headerregistry import AddressHeader
 from email.message import EmailMessage
 from typing import Dict, List, Optional, Tuple
@@ -25,7 +26,6 @@ from zerver.lib.queue import queue_json_publish
 from zerver.lib.rate_limiter import RateLimitedObject
 from zerver.lib.send_email import FromAddress
 from zerver.lib.upload import upload_message_file
-from zerver.lib.utils import generate_random_token
 from zerver.models import (
    Message,
    MissedMessageEmailAddress,
@@ -96,7 +96,7 @@ def log_and_report(email_message: EmailMessage, error_message: str, to: Optional
 # Temporary missed message addresses

 def generate_missed_message_token() -> str:
-    return 'mm' + generate_random_token(32)
+    return 'mm' + secrets.token_hex(16)

 def is_missed_message_address(address: str) -> bool:
    try: