Drag InsecureRandom into 2024

.gitignore

@@ -1,17 +1,13 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status
+
 Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

.rspec

@@ -0,0 +1,4 @@
+--color
+--format documentation
+--order random
+--require spec_helper

.rubocop.yml

@@ -0,0 +1,34 @@
+require:
+- rubocop-rake
+- rubocop-rspec
+
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: 3.0
+
+Gemspec/DevelopmentDependencies:
+  Enabled: false
+
+Naming/MethodParameterName:
+  AllowedNames: n
+
+RSpec/DescribedClass:
+  Enabled: false
+
+RSpec/ExampleLength:
+  Enabled: false
+
+RSpec/MultipleExpectations:
+  Enabled: false
+
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+Style/SymbolArray:
+  Enabled: false
+
+Style/TrailingCommaInArrayLiteral:
+  EnforcedStyleForMultiline: comma
+
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: comma

Gemfile

@@ -1,6 +1,10 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
 gemspec
 
-gem "rake"
-gem "rspec", "~> 3.0"
+gem "rspec", "~> 3.13.0"
+gem "rubocop", "~> 1.63.1"
+gem "rubocop-rake", "~> 0.6.0"
+gem "rubocop-rspec", "~> 2.29.1"

LICENSE.txt

@@ -1,22 +1,21 @@
-Copyright (c) 2013 Steve Richert
+The MIT License (MIT)
 
-MIT License
+Copyright (c) 2013 Steve Richert
 
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
 
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

Rakefile

@@ -1,6 +1,10 @@
+# frozen_string_literal: true
+
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
+require "rubocop/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new(:rubocop)
 
-task :default => :spec
+task default: [:spec, :rubocop]

bin/console

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "insecure_random"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

insecure_random.gemspec

@@ -1,19 +1,37 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
-Gem::Specification.new do |spec|
-  spec.name    = "insecure_random"
-  spec.version = "1.0.0"
+require_relative "lib/insecure_random/version"
 
-  spec.author      = "Steve Richert"
-  spec.email       = "[email protected]"
-  spec.summary     = "Like SecureRandom, but less… secure"
+Gem::Specification.new do |spec|
+  spec.name = "insecure_random"
+  spec.summary = "Like SecureRandom, but less… secure"
   spec.description = "InsecureRandom overwrites SecureRandom to enable predictability via seeding."
-  spec.homepage    = "https://github.com/laserlemon/insecure_random"
-  spec.license     = "MIT"
+  spec.version = InsecureRandom::VERSION
+
+  spec.author = "Steve Richert"
+  spec.email = "[email protected]"
+  spec.license = "MIT"
+  spec.homepage = "https://github.com/laserlemon/insecure_random"
+
+  spec.metadata = {
+    "allowed_push_host" => "https://rubygems.org",
+    "bug_tracker_uri" => "https://github.com/laserlemon/insecure_random/issues",
+    "funding_uri" => "https://github.com/sponsors/laserlemon",
+    "homepage_uri" => "https://github.com/laserlemon/insecure_random",
+    "rubygems_mfa_required" => "true",
+    "source_code_uri" => "https://github.com/laserlemon/insecure_random",
+  }
+
+  spec.required_ruby_version = ">= 3.0.0"
+  spec.add_development_dependency "bundler", ">= 2"
+  spec.add_development_dependency "rake", ">= 13"
 
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(/^spec/)
-  spec.require_paths = ["lib"]
+  spec.files = [
+    "insecure_random.gemspec",
+    "lib/insecure_random.rb",
+    "lib/insecure_random/version.rb",
+    "LICENSE.txt",
+  ]
 
-  spec.add_development_dependency "bundler"
+  spec.extra_rdoc_files = ["README.md"]
 end

lib/insecure_random.rb

@@ -1,13 +1,92 @@
+# frozen_string_literal: true
+
 require "securerandom"
 
-module SecureRandom
-  class << self
-    private def insecure_random(n = nil)
-      n = n ? n.to_int : 16
-      Array.new(n) { Kernel.rand(256) }.pack("C*")
+# The InsecureRandom module is the interface for enabling and disabling the
+# ability to seed SecureRandom's output. Outside of enabling or disabling this
+# ability, there should be no need to call methods on the InsecureRandom module
+# directly. Simply use SecureRandom as you normally would, with the confidence
+# that its output is now repeatable by seeding via Kernel.srand.
+module InsecureRandom
+  # This module is mixed into SecureRandom via InsecureRandom.hook! Beccause
+  # the Hook module is empty, mixing it in changes no behavior, but this module
+  # gives us a foothold in SecureRandom so that adding instance methods to Hook
+  # module adds the same method to SecureRandom as a singleton method.
+  module Hook
+  end
+
+  # The Overrides module holds all of the method overrides necessary to change
+  # SecureRandom's behavior to repeatable by seeding.
+  module Overrides
+    def gen_random(n)
+      Random.bytes(n)
+    end
+  end
+
+  # Calling InsecureRandom.hook! prepends the Hook module onto SecureRandom's
+  # singleton class, allowing InsecureRandom to (later) override specific
+  # singleton methods.
+  #
+  # InsecureRandom.hook! is called at the bottom of this file and only needs
+  # to be called once. However, there should be no harmful effects if this
+  # method is called repeatedly.
+  def self.hook!
+    ::SecureRandom.singleton_class.prepend(Hook)
+
+    true
+  end
+
+  # Returns whether SecureRandom's behavior is currently repeatable by seeding.
+  def self.enabled?
+    Hook.instance_methods.any?
+  end
+
+  # Change SecureRandom's behavior to be repeatable by seeding. Enablement
+  # occurs globally and remains enabled until explicitly disabled. See:
+  # InsecureRandom.disable! below.
+  #
+  # Returns true if enabled successfully or false if already enabled.
+  def self.enable!
+    return false if enabled?
+
+    Overrides.instance_methods.each do |method|
+      Hook.define_method(method, Overrides.instance_method(method))
+    end
+
+    true
+  end
+
+  # Reverts SecureRandom's behavior to no longer be repeatable by seeding.
+  # Disablement occurs globally and remains disabled until explicity
+  # enabled. See: InsecureRandom.enable! above.
+  #
+  # Returns true if disabled successfully or false if already disabled.
+  def self.disable!
+    return false unless enabled?
+
+    Overrides.instance_methods.each do |method|
+      Hook.remove_method(method)
     end
 
-    alias original_gen_random gen_random
-    alias gen_random insecure_random
+    true
+  end
+
+  # Enables SecureRandom's repeatable behavior for the duration of the given
+  # block, then reliably disables SecureRandom's repeatability.
+  #
+  # Returns the return value of the given block.
+  def self.enable
+    enable!
+    yield
+  ensure
+    disable!
   end
 end
+
+# Install InsecureRandom.
+#
+# THIS DOES NOT *ENABLE* InsecureRandom. You must explicitly enable via
+# the InsecureRandom.enable! or InsecureRandom.enable methods. Until
+# InsecureRandom is explicitly enabled, SecureRandom's behavior remains
+# entirely untouched.
+InsecureRandom.hook!

lib/insecure_random/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module InsecureRandom
+  VERSION = Gem::Version.new("2.0.0")
+end