Move random utilities to crypto/randutil package.

command/crypto/jwk/create.go

@@ -9,8 +9,8 @@ import (
 	"os"
 
 	"github.com/pkg/errors"
-	"github.com/smallstep/cli/crypto"
 	"github.com/smallstep/cli/crypto/pem"
+	"github.com/smallstep/cli/crypto/randutil"
 	"github.com/smallstep/cli/errs"
 	"github.com/smallstep/cli/jose"
 	"github.com/smallstep/cli/utils"
@@ -562,7 +562,7 @@ func createAction(ctx *cli.Context) error {
 				return errors.Wrap(err, "error reading password")
 			}
 
-			salt, err := crypto.GetRandomSalt(pbkdf2SaltSize)
+			salt, err := randutil.GetRandomSalt(pbkdf2SaltSize)
 			if err != nil {
 				return err
 			}
@@ -574,7 +574,7 @@ func createAction(ctx *cli.Context) error {
 				P2S:       salt,
 			}
 		} else {
-			key, err := crypto.RandAlphanumeric(32)
+			key, err := randutil.RandAlphanumeric(32)
 			if err != nil {
 				return errors.Wrap(err, "error generating password")
 			}

command/crypto/jwt/sign.go

@@ -10,7 +10,7 @@ import (
 	"time"
 
 	"github.com/pkg/errors"
-	"github.com/smallstep/cli/crypto"
+	"github.com/smallstep/cli/crypto/randutil"
 	"github.com/smallstep/cli/errs"
 	"github.com/smallstep/cli/jose"
 	"github.com/urfave/cli"
@@ -283,7 +283,7 @@ func signAction(ctx *cli.Context) error {
 		c.IssuedAt = jose.NewNumericDate(now)
 	}
 	if c.ID == "" && ctx.IsSet("jti") {
-		if c.ID, err = crypto.RandHex(40); err != nil {
+		if c.ID, err = randutil.RandHex(40); err != nil {
 			return errors.Wrap(err, "error creating random jti")
 		}
 	}

command/oauth/cmd.go

@@ -19,7 +19,7 @@ import (
 	"github.com/urfave/cli"
 
 	"github.com/smallstep/cli/command"
-	"github.com/smallstep/cli/crypto"
+	"github.com/smallstep/cli/crypto/randutil"
 	"github.com/smallstep/cli/errs"
 	"github.com/smallstep/cli/exec"
 	jose "gopkg.in/square/go-jose.v2"
@@ -282,12 +282,12 @@ type oauth struct {
 }
 
 func newOauth(provider, clientID, clientSecret, authzEp, tokenEp, scope, loginHint string) (*oauth, error) {
-	state, err := crypto.GenerateRandomRestrictedString(32)
+	state, err := randutil.GenerateRandomRestrictedString(32)
 	if err != nil {
 		return nil, err
 	}
 
-	challenge, err := crypto.GenerateRandomRestrictedString(64)
+	challenge, err := randutil.GenerateRandomRestrictedString(64)
 	if err != nil {
 		return nil, err
 	}

crypto/randutil/random.go

@@ -1,4 +1,4 @@
-package crypto
+package randutil
 
 import (
 	"crypto/rand"

jose/generate.go

@@ -7,8 +7,8 @@ import (
 	"crypto/rsa"
 
 	"github.com/pkg/errors"
-	"github.com/smallstep/cli/crypto"
 	"github.com/smallstep/cli/crypto/pem"
+	"github.com/smallstep/cli/crypto/randutil"
 	"golang.org/x/crypto/ed25519"
 )
 
@@ -160,7 +160,7 @@ func generateOctKey(size int, alg, use, kid string) (*JSONWebKey, error) {
 		size = DefaultOctSize
 	}
 
-	key, err := crypto.RandAlphanumeric(size)
+	key, err := randutil.RandAlphanumeric(size)
 	if err != nil {
 		return nil, err
 	}

utils/reader/read.go

@@ -9,7 +9,7 @@ import (
 	"syscall"
 
 	"github.com/pkg/errors"
-	"github.com/smallstep/cli/crypto"
+	"github.com/smallstep/cli/crypto/randutil"
 	"golang.org/x/crypto/ssh/terminal"
 )
 
@@ -68,7 +68,7 @@ func GeneratePasswordOnEmpty(ptr *string, key string) error {
 
 	if len(*ptr) == 0 {
 		var err error
-		if *ptr, err = crypto.GenerateRandomRestrictedString(passwordLength); err != nil {
+		if *ptr, err = randutil.GenerateRandomRestrictedString(passwordLength); err != nil {
 			return errors.Wrapf(err, "Failed to generate %s", key)
 		}
 		fmt.Printf("\n\n%s: %s\n\n", key, *ptr)