Home

Awesome

cfmlbadges cfmlbadges

cfml-nanoid

CFML implementation of nanoid, secure URL-friendly unique ID generation.

Usage

Instantiate the component:

nanoId = new nanoId();

nanoId.generate()

Generates compact ID using settings. (Defaults to 21 characters of the alphabet 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz- using SHA1PRNG algorithm.)

writeOutput(nanoId.generate());
// jLWi7TKamN1zqpE_Z00Ab

nanoId.generate(alphabet, size, algorithm)

One-time override for a single ID generation

writeOutput(nanoId.generate(alphabet="ABCDEFGHJKLMNPQRSTUVXYZ"));
// XYDADCEJSYBMDLLTREBEF

writeOutput(nanoId.generate(size=12));
// 2PBPRu7HRoJP

writeOutput(nanoId.generate(algorithm="NativePRNG"));
// fkDNYl2snoOXMegoFi_Dr

// Using 2 ordered arguments
writeOutput(nanoId.generate("ABCDEFGHIJKLMNOPQRSTUVXYZ", 12));
// THTMYMVEGMAV

// Using 3 ordered arguments
writeOutput(nanoId.generate("ABCDEFGHIJKLMNOPQRSTUVXYZ", 12, "IBMSecureRandom"));
// RMQFYHVJIMEZ

nanoId.setAlphabet(alphabet)

Sets a custom characters for all subsequent ID generations. A dictionary name can also be used. (Defaults to 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz-.)

nanoId.setAlphabet("ABCDEFGHJKLMNPQSTUVWXYZ");
// no output

nanoId.setSize(integer);

Sets custom string length for all subsequent ID generations. (Defaults to 21)

nanoId.setSize(12);
// no output

nanoId.setAlgorithm(algorithm);

Sets secure or non-secure generation type. (Defaults to SHA1PRNG. Options are SHA1PRNG, IBMSecureRandom, NativePRNG, NativePRNGBlocking, NativePRNGNonBlocking.)

nanoId.setAlgorithm("IBMSecureRandom");
// no output

Algorithms

AlgorithmNotes
SHA1PRNGInitial seeding is currently done via a combination of system attributes and the java.security entropy gathering device
IBMSecureRandomThis implementation uses a SHA-1 message digest and computes the hash over a true-random seed value.
NativePRNG(nextBytes() uses /dev/urandom, generateSeed() uses /dev/random)
NativePRNGBlocking(nextBytes() and generateSeed() use /dev/random)
NativePRNGNonBlocking(nextBytes() and generateSeed() use /dev/urandom)

Alphabet Dictionary

CodeDescriptionCharacters
defaultDefault0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz-
numbersNumbers from 0 to 90123456789
hexadecimalLowercaseLowercase English hexadecimal lowercase characters0123456789abcdef
hexadecimalUppercaseLowercase English hexadecimal uppercase characters0123456789ABCDEF
lowercaseLowercase English lettersabcdefghijklmnopqrstuvwxyz
uppercaseUppercase English lettersABCDEFGHIJKLMNOPQRSTUVWXYZ
alphanumericCombination of all the lowercase, uppercase characters & numbers from 0 to 9. Does not include any symbols or special characters0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
nolookalikesNumbers & english alphabet without lookalikes: 1, l, I, 0, O, o, u, v, 5, S, s, 2, Z.346789ABCDEFGHJKLMNPQRTUVWXYabcdefghijkmnpqrtwxyz
nolookalikesSafeSame as noolookalikes but with removed vowels & following letters: 3, 4, x, X, V. This list should protect you from accidentally getting obscene words in generated strings.6789BCDFGHJKLMNPQRTWbcdfghjkmnpqrtwz

Benchmark

AlgorithmSpeed
SHA1PRNG8,832 ops/sec
IBMSecureRandom13,411 ops/sec
NativePRNG12,383 ops/sec
NativePRNGBlocking12,942 ops/sec
NativePRNGNonBlocking12,822 ops/sec

Test Configuration: ColdFusion Developer 2016.0.17.325979 / Windows Server 2016 / Java 11.0.11+9-LTS-194

To Review

Research to determine if Java native java.security.SecureRandom is sufficient and whether there are any hardware random generator options available.