Random strings
От | Joe Conway |
---|---|
Тема | Random strings |
Дата | |
Msg-id | 01ed01c12034$38ff7ae0$48d210ac@jecw2k1 обсуждение исходный текст |
Ответы |
Re: Random strings
|
Список | pgsql-patches |
> > generating session keys and other things. It's good to have a > > choice. Right now I have a lot of pl/pgsql which calls plain old > > RANDOM() to generate session keys, and that is not good. Before I > > launch this thing, I will need to find a way of getting better random > > numbers. If anyone has created a function like that for PG, please > > mail me, because I need it. > > As I said earlier, I just recently created a function for something else I'm > working on which returns a binary string from /dev/urandom of whatever > length you request. I'm using it for initialization vectors (IVs) for 3des > cbc and for session keys. It should be relatively easy to turn into a pgsql > contrib function, so I'll post something to patches within the next couple > of days. It would not be intended to replace the standard RANDOM() function, > just compliment it. Biggest question in my mind is the return type -- should > it return pure binary as a bytea type, or hex as a text type? Any thoughts > on this? > Per the discussion yesterday, here's a patch. There are two versions of essentially the same function. They both take an int as the number of requested random bytes, and generate a random binary string of the requested length from /dev/urandom. The first one (randomstr_hex) converts the binary to hex and returns it as text, and the other (randomstr_bytea) does the needed escaping of special characters and returns bytea. Let me know if you have any other thoughts on how this can be improved. I didn't bother to create a function to return a random 0 - 1 interval float (ala random()) because in most cases where cryptographic quality random values are needed, the provided forms are the most useful ones (I think). -- Joe
Вложения
В списке pgsql-patches по дате отправления: