From 658800ee8ea2e0ece153a56d603c85a07d5a6149 Mon Sep 17 00:00:00 2001
From: kazk
Date: Sun, 12 Dec 2021 19:41:09 -0800
Subject: [PATCH] Use random password
---
 src/imp/security_framework.rs | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/imp/security_framework.rs b/src/imp/security_framework.rs
index 6dba7a85..5a89dfa8 100644
--- a/src/imp/security_framework.rs
+++ b/src/imp/security_framework.rs
@@ -7,6 +7,7 @@ use self::security_framework::base;
 use self::security_framework::certificate::SecCertificate;
 use self::security_framework::identity::SecIdentity;
 use self::security_framework::import_export::{ImportedIdentity, Pkcs12ImportOptions};
+use self::security_framework::random::SecRandom;
 use self::security_framework::secure_transport::{
 self, ClientBuilder, SslConnectionType, SslContext, SslProtocol, SslProtocolSide,
 };
@@ -91,7 +92,7 @@ impl Identity {
 let dir = TempDir::new().map_err(|_| Error(base::Error::from(errSecIO)))?;
 let keychain = keychain::CreateOptions::new()
- .password("password")
+ .password(&random_password()?)
 .create(dir.path().join("identity.keychain"))?;
 let mut items = SecItems::default();
@@ -180,6 +181,19 @@ impl Identity {
 }
 }
+fn random_password() -> Result {
+ use std::fmt::Write;
+ let mut bytes = [0_u8; 10];
+ SecRandom::default()
+ .copy_bytes(&mut bytes)
+ .map_err(|_| Error(base::Error::from(errSecIO)))?;
+ let mut s = String::with_capacity(2 * bytes.len());
+ for byte in bytes {
+ write!(s, "{:02X}", byte).map_err(|_| Error(base::Error::from(errSecIO)))?;
+ }
+ Ok(s)
+}
+
 #[derive(Clone)]
 pub struct Certificate(SecCertificate);
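Review bot: The password built by `.password(&random_password()?)` is dropped as soon as the keychain is created, so the code visible in this hunk has no way to unlock `identity.keychain` again if it is ever locked. That looks intended for a keychain that lives in a `TempDir`, but it should be written down, for example with `// Throwaway password: this temporary keychain is never reopened, so the secret is not kept.` above the builder call. The enclosing function starts and ends outside the hunk, so whether later code relies on the keychain staying unlocked needs to be confirmed there.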
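Review bot: `let mut bytes = [0_u8; 10];` gives the keychain password 80 bits of entropy, which is below the 128-bit floor usually applied to secrets that guard private-key material (the keychain is named `identity.keychain`, so it presumably holds the imported identity). Lengthening it is free, e.g. `let mut bytes = [0_u8; 32];`, and the `String::with_capacity(2 * bytes.len())` line adapts on its own. Both `map_err(|_| ...)` calls discard the underlying error, and the one on `write!` guards a write into a `String`, which does not fail in practice, so building the hex string without a fallible path would read more simply. The function also has no doc comment; `/// Returns a freshly generated, hex-encoded random password for the temporary keychain.` would cover it.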