sec_random_token

one of the documented procedures in this installation of the ACS
Usage:
sec_random_token
What it does:
Generates a random token, using the TokenLength as the token length.
Defined in: /web/philip/packages/acs-core/security-procs.tcl

Source code:


    set token ""
    set length [ad_parameter TokenLength "" 32]
    set secret [ad_parameter TokenSecret "" "tkpwtfzp!"]
    
    while { [string length $token] < $length } {
	# Digest a funky random string and ns_crypt it.
	set str ""
	for { set i 0 } { $i < 8 } { incr i } {
	    append str [sec_random_char]
	}
	append str $secret
	for { set i 0 } { $i < 8 } { incr i } {
	    append str [sec_random_char]
	}
	set digested [sec_digest_string $str]
	set crypted [ns_crypt "[sec_random_char][sec_random_char]" $digested]
	# Pull the non-salt characters out.
	append token [string range $crypted 2 12]
    }
    return [string range $token 0 [expr { $length - 1 }]]


philg@mit.edu