X Tutup
Skip to content

Add Get-SecureRandom cmdlet#19587

Merged
TravisEz13 merged 7 commits intoPowerShell:masterfrom
SteveL-MSFT:get-securerandom
May 2, 2023
Merged

Add Get-SecureRandom cmdlet#19587
TravisEz13 merged 7 commits intoPowerShell:masterfrom
SteveL-MSFT:get-securerandom

Conversation

@SteveL-MSFT
Copy link
Copy Markdown
Member

@SteveL-MSFT SteveL-MSFT commented Apr 28, 2023
edited
Loading

PR Summary

Add a Get-SecureRandom cmdlet which does not expose a -SetSeed parameter ensuring results are always cryptographically secure. Get-Random is derived from this cmdlet and maintains the -SetSeed parameter. The only changes to the move of code from GetRandomCommand is changing some members to internal from private so that Get-Random can call them.

The tests are a copy of the Get-Random tests removing the -SetSeed tests and adding a specific test to ensure that parameter doesn't exist.

PR Context

Users of Get-Random who use -SetSeed may mistakenly think they are cryptographically secure but is not since a seed is used. This new cmdlet makes it easy to not make this mistake.

PR Checklist

@SteveL-MSFT SteveL-MSFT requested a review from TravisEz13 April 28, 2023 00:49
@SteveL-MSFT SteveL-MSFT requested a review from PaulHigin as a code owner April 28, 2023 00:49
@iSazonov
Copy link
Copy Markdown
Collaborator

iSazonov commented Apr 28, 2023
edited
Loading

Is "Secure" right term if "strong crypto" is assumed? Maybe "Get-StrongRandom".

@MartinGC94
Copy link
Copy Markdown
Contributor

MartinGC94 commented Apr 28, 2023

Why not just emit a warning if the SetSeed parameter is used? If a new Get-SecureRandom command is added people will probably assume that Get-Random is insecure, when in reality it's only insecure in specific circumstances.

@SteveL-MSFT
Copy link
Copy Markdown
Member Author

SteveL-MSFT commented Apr 28, 2023

@MartinGC94 I considered adding a warning when -SetSeed is used, but when used in automation, no one will likely see the warning. You're correct that the default usage of Get-Random is secure, but the intent here is to make it more clear. Get-Random will continue to work as it does today so this is really for newer users.

@iSazonov I chose Get-SecureRandom primarily to match the naming of the *-SecureString cmdlets even though there is no relation functionally between the two. Strong or Crypto would only be meaningful to someone who already understands the implications of -SetSeed and the name is really for those who may not.

PaulHigin
PaulHigin approved these changes May 1, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@PaulHigin PaulHigin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@daxian-dbw daxian-dbw added the WG-Cmdlets general cmdlet issues label May 1, 2023
@daxian-dbw daxian-dbw added the Needs-Triage The issue is new and needs to be triaged by a work group. label May 1, 2023
SteveL-MSFT and others added 2 commits May 1, 2023 16:17
@SteveL-MSFT @JamesWTruher
Update test/powershell/Modules/Microsoft.PowerShell.Utility/Get-Secur…
282431b 
…eRandom.Tests.ps1

Co-authored-by: James Truher [MSFT] <jimtru@microsoft.com>
@SteveL-MSFT
address codefactor
05589a1
@SteveL-MSFT SteveL-MSFT mentioned this pull request May 2, 2023
Closed
2 tasks
@pull-request-quantifier-deprecated
Copy link
Copy Markdown

pull-request-quantifier-deprecated bot commented May 2, 2023

This PR has 720 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

Quantification details 

Label      : Extra Large
Size       : +434 -286
Percentile : 90.67%

Total files changed: 7

Change summary by file extension:
.cs : +295 -284
.psd1 : +2 -2
.ps1 : +137 -0

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

  • Fast and predictable releases to production:
    • Optimal size changes are more likely to be reviewed faster with fewer
      iterations.
    • Similarity in low PR complexity drives similar review times.
  • Review quality is likely higher as complexity is lower:
    • Bugs are more likely to be detected.
    • Code inconsistencies are more likely to be detected.
  • Knowledge sharing is improved within the participants:
    • Small portions can be assimilated better.
  • Better engineering practices are exercised:
    • Solving big problems by dividing them in well contained, smaller problems.
    • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

  • Use the PullRequestQuantifier to quantify your PR accurately
    • Create a context profile for your repo using the context generator
    • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
    • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
    • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
  • Change your engineering behaviors
    • For PRs that fall outside of the desired spectrum, review the details and check if:
      • Your PR could be split in smaller, self-contained PRs instead
      • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

  • One line was added: +1 -0
  • One line was deleted: +0 -1
  • One line was modified: +1 -1 (git diff doesn't know about modified, it will
    interpret that line like one addition plus one deletion)
  • Change percentiles: Change characteristics (addition, deletion, modification)
    of this PR in relation to all other PRs within the repository.

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.

@TravisEz13 TravisEz13 merged commit a153446 into PowerShell:master May 2, 2023
@SteveL-MSFT SteveL-MSFT deleted the get-securerandom branch May 2, 2023 18:01
@crisman crisman mentioned this pull request May 30, 2023
Closed
3 tasks
@sdwheeler sdwheeler added PowerShell-Docs needed The PR was reviewed and a PowerShell Docs update is needed and removed Needs-Triage The issue is new and needs to be triaged by a work group. labels Jun 1, 2023
@adityapatwardhan adityapatwardhan added the CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log label Jun 28, 2023
@ghost
Copy link
Copy Markdown

ghost commented Jun 29, 2023

🎉v7.4.0-preview.4 has been released which incorporates this pull request.:tada:

Handy links:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TravisEz13 TravisEz13 TravisEz13 approved these changes

@iSazonov iSazonov iSazonov approved these changes

+2 more reviewers

@JamesWTruher JamesWTruher JamesWTruher left review comments

@PaulHigin PaulHigin PaulHigin approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@TravisEz13 TravisEz13

Labels

CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log Extra Large PowerShell-Docs needed The PR was reviewed and a PowerShell Docs update is needed WG-Cmdlets general cmdlet issues

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@SteveL-MSFT @iSazonov @MartinGC94 @JamesWTruher @TravisEz13 @PaulHigin @daxian-dbw @adityapatwardhan @sdwheeler
X Tutup