I’m a beginner, and I can’t figure out how to use any of the generators in Data.String.Gen
Could you provide more explanation as to what you are trying to do and why?
I need to generate random strings of a specific length to pad some data for encryption. This avoids packets with the same data encrypting the same. I didn’t write the server so I can’t use an initialization vector for compatibility reasons.
data = “real data” <> + (randomString 12)
The server knows to take the last 12 bytes off to get the real data. Because it’s bytes, I want to use an ASCII string.
The usual way of using MonadGen is via the Gen type provided by quickcheck. However, quickcheck is based on lcg, which is not cryptographically secure. I’m not aware of a type which provides a cryptographically secure MonadGen instance; you may need to put one together yourself.
It sounds inappropriate for my use. I’ve decided to generate UUIDs and take an appropriately sized slice.
@jsparkes you should not use slices of UUIDs because these slices would not be truly random. There was an article published about this a few weeks ago I think. I’m not even sure that full UUIDs are suitable for your purpose. I’m not really knowledgeable about this topic, so someone with more experience should probably chip in.
I guess I will have to write my own random string generator, to be relatively safe. I was hoping to avoid it, but I have learned enough to deal with the Effect from random.
I think that’s a bad idea. In general, one should not write crypto code themselves.
The random strings are just padding for the data, which is then encrypted using AES. The person who wrote the server side did not know about initialization vectors, which is really all we needed.
Oh, if that’s the case, ignore my previous comment.
Why do you want to pad the data with random strings? You can just pad the data with a character that is repeated. isn’t this the best and easiest solution?
Oh, I just read your rationale for doing this above. Yet again, ignore my previous comment.