refactor: use crypto/rand for cryptographically secure secret generation.

Author: osmontero

installer/utils/secret.go

@@ -1,20 +1,23 @@
 package utils
 
 import (
-	"math/rand"
+	"crypto/rand"
+	"math/big"
 )
 
 func GenerateSecret(size int) string {
 	var characters = []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
+	if size <= 0 {
+		return ""
+	}
 
-	var s string
-	for {
-		if len(s) >= size {
-			break
+	result := make([]rune, size)
+	for i := range result {
+		num, err := rand.Int(rand.Reader, big.NewInt(int64(len(characters))))
+		if err != nil {
+			panic(err) // Consider returning error if signature allows, but keeping panic for now as panic on CSPRNG fail is reasonable for secret gen
 		}
-
-		s += string(characters[rand.Intn(len(characters))])
+		result[i] = characters[num.Int64()]
 	}
-
-	return s
+	return string(result)
 }