Alphanumeric secret values generated for template environment files map random bytes onto a 62-character set with a modulo, so the first 8 characters of the set are slightly more likely than the rest. Entropy stays high, but secrets should not have a known bias.
Fix: rejection sampling or crypto/rand.Int per character.
Raised in review of #142.
Alphanumeric secret values generated for template environment files map random bytes onto a 62-character set with a modulo, so the first 8 characters of the set are slightly more likely than the rest. Entropy stays high, but secrets should not have a known bias.
Fix: rejection sampling or crypto/rand.Int per character.
Raised in review of #142.