Awesome

cfml-nanoid

CFML implementation of nanoid, secure URL-friendly unique ID generation.

A tiny, secure URL-friendly unique string ID generator for JavaScript
Safe. It uses SHA1PRNG (default), IBMSecureRandom, NativePRNG, NativePRNGBlocking or NativePRNGNonBlocking algorithms to assist in a proper distribution of symbols.
Compact. It uses more symbols than UUID (A-Za-z0-9_-) and has the same number of unique options in just 21 symbols instead of 36.

Usage

Instantiate the component:

nanoId = new nanoId();

nanoId.generate()

Generates compact ID using settings. (Defaults to 21 characters of the alphabet 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz- using SHA1PRNG algorithm.)

writeOutput(nanoId.generate());
// jLWi7TKamN1zqpE_Z00Ab

nanoId.generate(alphabet, size, algorithm)

One-time override for a single ID generation

writeOutput(nanoId.generate(alphabet="ABCDEFGHJKLMNPQRSTUVXYZ"));
// XYDADCEJSYBMDLLTREBEF

writeOutput(nanoId.generate(size=12));
// 2PBPRu7HRoJP

writeOutput(nanoId.generate(algorithm="NativePRNG"));
// fkDNYl2snoOXMegoFi_Dr

// Using 2 ordered arguments
writeOutput(nanoId.generate("ABCDEFGHIJKLMNOPQRSTUVXYZ", 12));
// THTMYMVEGMAV

// Using 3 ordered arguments
writeOutput(nanoId.generate("ABCDEFGHIJKLMNOPQRSTUVXYZ", 12, "IBMSecureRandom"));
// RMQFYHVJIMEZ

nanoId.setAlphabet(alphabet)

Sets a custom characters for all subsequent ID generations. A dictionary name can also be used. (Defaults to 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz-.)

nanoId.setAlphabet("ABCDEFGHJKLMNPQSTUVWXYZ");
// no output

nanoId.setSize(integer);

Sets custom string length for all subsequent ID generations. (Defaults to 21)

nanoId.setSize(12);
// no output

nanoId.setAlgorithm(algorithm);

Sets secure or non-secure generation type. (Defaults to SHA1PRNG. Options are SHA1PRNG, IBMSecureRandom, NativePRNG, NativePRNGBlocking, NativePRNGNonBlocking.)

nanoId.setAlgorithm("IBMSecureRandom");
// no output

Algorithms

Algorithm	Notes
SHA1PRNG	Initial seeding is currently done via a combination of system attributes and the java.security entropy gathering device
IBMSecureRandom	This implementation uses a SHA-1 message digest and computes the hash over a true-random seed value.
NativePRNG	(nextBytes() uses /dev/urandom, generateSeed() uses /dev/random)
NativePRNGBlocking	(nextBytes() and generateSeed() use /dev/random)
NativePRNGNonBlocking	(nextBytes() and generateSeed() use /dev/urandom)

Alphabet Dictionary

Code	Description	Characters
default	Default	0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz-
numbers	Numbers from 0 to 9	0123456789
hexadecimalLowercase	Lowercase English hexadecimal lowercase characters	0123456789abcdef
hexadecimalUppercase	Lowercase English hexadecimal uppercase characters	0123456789ABCDEF
lowercase	Lowercase English letters	abcdefghijklmnopqrstuvwxyz
uppercase	Uppercase English letters	ABCDEFGHIJKLMNOPQRSTUVWXYZ
alphanumeric	Combination of all the lowercase, uppercase characters & numbers from 0 to 9. Does not include any symbols or special characters	0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
nolookalikes	Numbers & english alphabet without lookalikes: `1`, `l`, `I`, `0`, `O`, `o`, `u`, `v`, `5`, `S`, `s`, `2`, `Z`.	346789ABCDEFGHJKLMNPQRTUVWXYabcdefghijkmnpqrtwxyz
nolookalikesSafe	Same as `noolookalikes` but with removed vowels & following letters: `3`, `4`, `x`, `X`, `V`. This list should protect you from accidentally getting obscene words in generated strings.	6789BCDFGHJKLMNPQRTWbcdfghjkmnpqrtwz

Benchmark

Algorithm	Speed
SHA1PRNG	8,832 ops/sec
IBMSecureRandom	13,411 ops/sec
NativePRNG	12,383 ops/sec
NativePRNGBlocking	12,942 ops/sec
NativePRNGNonBlocking	12,822 ops/sec

Test Configuration: ColdFusion Developer 2016.0.17.325979 / Windows Server 2016 / Java 11.0.11+9-LTS-194

To Review

Research to determine if Java native java.security.SecureRandom is sufficient and whether there are any hardware random generator options available.