We're updating the issue view to help you get more done. 

OpenFire randomString has too many digits

Description

In StringUtils numbersAndLetters string array duplicates digits 0-9 twice, this results in random strings which have less entropy than you might expect from their length (and incidentally causes the results to fail simple tests of randomness as different characters don't occur with the same frequency).

The practical loss of entropy is modest.[

https://github.com/igniterealtime/Openfire/blob/master/src/java/org/jivesoftware/util/StringUtils.java]

Stylistically the code in randomString has hard coded 72 when it should probably use the computed length of the array.

 

Environment

None

Acceptance Test - Entry

Random strings should produce each permitted character with the same frequency.

Assignee

Dave Cridland

Reporter

Simon Waters

Labels

Expected Effort

Minimal

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Minor
Configure