1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

(define-module (crypto)
  #:use-module (rnrs bytevectors)
  ;; #:use-module (guix base32)
  #:use-module (utils)
  #:use-module (ice-9 binary-ports)
  #:export (random-string
            random-string-in-collection
            char-collection-hmac-secret
            char-collection-alpha-numeric))

(define (random-string len)
  ;; not sure if escaping is possible https://stackoverflow.com/a/19028585
  ;;   TODO this reduces entropy, but might prevent http header parser problems?
  ;;41==A we are exluding a bunch of signs
  (define min-char 65)
  (define max-char (- 126 min-char))

  (define (gen-char)
    (integer->char (+ (random max-char)
                      min-char)))
  (list->string (map-n-times (lambda (_) (gen-char)) len)))

;; getting errors with \\ and maybe some other url-encoded chars? like maybe %&$"= did not test each
(define char-collection-hmac-secret "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!§/(){}[]+-,.;:*")
(define char-collection-alpha-numeric "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890")
(define (random-string-in-collection len lst)
  (define min-char 0)
  (define max-char (string-length lst))

  (define (gen-char)
    (string-ref lst (+ (random max-char)
                       min-char)))
  (list->string (map-n-times (lambda (_) (gen-char)) len)))

(set! *random-state* (random-state-from-platform))