https://netsuiteprofessionals.com logo
Join Slack
Powered by
I've got a requirement to generate a random string...
# suitescript
c
I've got a requirement to generate a random string on a server side script. It has to be crypto secure. This is harder than i thought it would be. Anyone solved this already?
c
maybe check out CryptoJS and use that
b
The basic solution to this is to first define your alphabet, then randomly choose a letter from your alphabet, repeat for each character of your string
s
I'd recommend against writing anything yourself. Lean on proven/tested implementation, perhaps from CryptoJS as creece suggests, or from something NS provides ( I haven't used their built in crypto api for a while)
c
the built in crypto stuff is lacking
thats what i was getting at is dont reinvent the wheel.. random in cs isn't really random and there's all kinds of weirdness around it.. but nothing stopping you from writing some small piece if you absolutely need to reinvent the wheel.
b
Question is weird in the first place. Random string is weird. Random byte or number is more normal and is something you can get out of cryptojs
s
aye, though reinventing the wheel in the crypto space is more than just wasting time - it's a security risk as well.
c
agreed
c
I'm generating a password for consumption by a third party. Being server side makes it harder because many of the js libs that provide this service rely on browser tools. Hence the awkwardness of the solution.
b
that generally doesn't have to be crypto secure. Generally your password just needs to be resistant to guessing ie. wont be guessed by a computer or human
if you really need crypto secure, you are doomed, there is no crypto secure random number generator like crypto.getRandomValues in suitescript and Math.random makes no promises about security
.you can try using a webservice that generates random numbers
if you are truly desperate, you can try abusing the initialization vector returned by N/crypto's crypto.CipherPayload
4 Views
Open in Slack
PreviousNext
Powered by