Increase token size to 32 bytes

This fix bumps the token size from 16 to 32 bytes in order to match the default minimum entropy as recommended by Python docs. Note, that there is also a comparison to a constant TOKEN_ΜΙΝ_LEN where one module assumed that length to be characters and another module (utils.py) assumes that length to be bytes. So this fix uses bytes as the meaning from now on. Fixes canonical#4481 Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
ericwb · Apr 8, 2024 · db26427 · db26427
1 parent f9eb294
commit db26427
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/scripts/wrappers/add_token.py b/scripts/wrappers/add_token.py
@@ -145,7 +145,7 @@ def print_short(token, check):
     parser.add_argument(
         "--token",
         "-t",
-        help="Specify the bootstrap token to add, must be 32 characters long. "
+        help="Specify the bootstrap token to add, must be 32 bytes long. "
         "Auto generates when empty.",
     )
     parser.add_argument(
@@ -163,10 +163,10 @@ def print_short(token, check):
     if args.token is not None:
         token = args.token
     else:
-        token = token_hex(16)
+        token = token_hex(32)
 
     if len(token) < TOKEN_ΜΙΝ_LEN:
-        print("Invalid token size.  It must be 32 characters long.")
+        print("Invalid token size.  It must be 32 bytes long.")
         exit(1)
 
     add_token_with_expiry(token, cluster_tokens_file, ttl)