149 lines
5.4 KiB
Plaintext
149 lines
5.4 KiB
Plaintext
import {promisify} from 'util';
|
|
import crypto from 'crypto';
|
|
|
|
const randomBytesAsync = promisify(crypto.randomBytes);
|
|
|
|
const urlSafeCharacters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._~'.split('');
|
|
const numericCharacters = '0123456789'.split('');
|
|
const distinguishableCharacters = 'CDEHKMPRTUWXY012458'.split('');
|
|
const asciiPrintableCharacters = '!"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~'.split('');
|
|
const alphanumericCharacters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'.split('');
|
|
|
|
const generateForCustomCharacters = (length, characters) => {
|
|
// Generating entropy is faster than complex math operations, so we use the simplest way
|
|
const characterCount = characters.length;
|
|
const maxValidSelector = (Math.floor(0x10000 / characterCount) * characterCount) - 1; // Using values above this will ruin distribution when using modular division
|
|
const entropyLength = 2 * Math.ceil(1.1 * length); // Generating a bit more than required so chances we need more than one pass will be really low
|
|
let string = '';
|
|
let stringLength = 0;
|
|
|
|
while (stringLength < length) { // In case we had many bad values, which may happen for character sets of size above 0x8000 but close to it
|
|
const entropy = crypto.randomBytes(entropyLength);
|
|
let entropyPosition = 0;
|
|
|
|
while (entropyPosition < entropyLength && stringLength < length) {
|
|
const entropyValue = entropy.readUInt16LE(entropyPosition);
|
|
entropyPosition += 2;
|
|
if (entropyValue > maxValidSelector) { // Skip values which will ruin distribution when using modular division
|
|
continue;
|
|
}
|
|
|
|
string += characters[entropyValue % characterCount];
|
|
stringLength++;
|
|
}
|
|
}
|
|
|
|
return string;
|
|
};
|
|
|
|
const generateForCustomCharactersAsync = async (length, characters) => {
|
|
// Generating entropy is faster than complex math operations, so we use the simplest way
|
|
const characterCount = characters.length;
|
|
const maxValidSelector = (Math.floor(0x10000 / characterCount) * characterCount) - 1; // Using values above this will ruin distribution when using modular division
|
|
const entropyLength = 2 * Math.ceil(1.1 * length); // Generating a bit more than required so chances we need more than one pass will be really low
|
|
let string = '';
|
|
let stringLength = 0;
|
|
|
|
while (stringLength < length) { // In case we had many bad values, which may happen for character sets of size above 0x8000 but close to it
|
|
const entropy = await randomBytesAsync(entropyLength); // eslint-disable-line no-await-in-loop
|
|
let entropyPosition = 0;
|
|
|
|
while (entropyPosition < entropyLength && stringLength < length) {
|
|
const entropyValue = entropy.readUInt16LE(entropyPosition);
|
|
entropyPosition += 2;
|
|
if (entropyValue > maxValidSelector) { // Skip values which will ruin distribution when using modular division
|
|
continue;
|
|
}
|
|
|
|
string += characters[entropyValue % characterCount];
|
|
stringLength++;
|
|
}
|
|
}
|
|
|
|
return string;
|
|
};
|
|
|
|
const generateRandomBytes = (byteLength, type, length) => crypto.randomBytes(byteLength).toString(type).slice(0, length);
|
|
|
|
const generateRandomBytesAsync = async (byteLength, type, length) => {
|
|
const buffer = await randomBytesAsync(byteLength);
|
|
return buffer.toString(type).slice(0, length);
|
|
};
|
|
|
|
const allowedTypes = new Set([
|
|
undefined,
|
|
'hex',
|
|
'base64',
|
|
'url-safe',
|
|
'numeric',
|
|
'distinguishable',
|
|
'ascii-printable',
|
|
'alphanumeric'
|
|
]);
|
|
|
|
const createGenerator = (generateForCustomCharacters, generateRandomBytes) => ({length, type, characters}) => {
|
|
if (!(length >= 0 && Number.isFinite(length))) {
|
|
throw new TypeError('Expected a `length` to be a non-negative finite number');
|
|
}
|
|
|
|
if (type !== undefined && characters !== undefined) {
|
|
throw new TypeError('Expected either `type` or `characters`');
|
|
}
|
|
|
|
if (characters !== undefined && typeof characters !== 'string') {
|
|
throw new TypeError('Expected `characters` to be string');
|
|
}
|
|
|
|
if (!allowedTypes.has(type)) {
|
|
throw new TypeError(`Unknown type: ${type}`);
|
|
}
|
|
|
|
if (type === undefined && characters === undefined) {
|
|
type = 'hex';
|
|
}
|
|
|
|
if (type === 'hex' || (type === undefined && characters === undefined)) {
|
|
return generateRandomBytes(Math.ceil(length * 0.5), 'hex', length); // Need 0.5 byte entropy per character
|
|
}
|
|
|
|
if (type === 'base64') {
|
|
return generateRandomBytes(Math.ceil(length * 0.75), 'base64', length); // Need 0.75 byte of entropy per character
|
|
}
|
|
|
|
if (type === 'url-safe') {
|
|
return generateForCustomCharacters(length, urlSafeCharacters);
|
|
}
|
|
|
|
if (type === 'numeric') {
|
|
return generateForCustomCharacters(length, numericCharacters);
|
|
}
|
|
|
|
if (type === 'distinguishable') {
|
|
return generateForCustomCharacters(length, distinguishableCharacters);
|
|
}
|
|
|
|
if (type === 'ascii-printable') {
|
|
return generateForCustomCharacters(length, asciiPrintableCharacters);
|
|
}
|
|
|
|
if (type === 'alphanumeric') {
|
|
return generateForCustomCharacters(length, alphanumericCharacters);
|
|
}
|
|
|
|
if (characters.length === 0) {
|
|
throw new TypeError('Expected `characters` string length to be greater than or equal to 1');
|
|
}
|
|
|
|
if (characters.length > 0x10000) {
|
|
throw new TypeError('Expected `characters` string length to be less or equal to 65536');
|
|
}
|
|
|
|
return generateForCustomCharacters(length, characters.split(''));
|
|
};
|
|
|
|
const cryptoRandomString = createGenerator(generateForCustomCharacters, generateRandomBytes);
|
|
|
|
cryptoRandomString.async = createGenerator(generateForCustomCharactersAsync, generateRandomBytesAsync);
|
|
|
|
export default cryptoRandomString;
|