Re: [Haskell-cafe] [Haskell] ANN: nonce package

On 07-06-2015 06:44, Geraldus wrote:

вс, 7 июня 2015 г. в 13:26, Geraldus mailto:heraldhoi@gmail.com>:

Hi, Felipe! Thank you for sharing!

The one question I have is there some good way to generate unique nonces?

Nonces generated by the nonce package are always unique. If not, there's a huge bug, or your /dev/urandom is broken.

Also it is good to make a new generator in function which produces a nonce? E.g.

generateNonce :: forall (m :: * -> *). (MonadIO m, Functor m) => m Text generateNonce = do g <- new nonce128urlT g

You will not shoot yourself in the foot security-wise. You are not able to distinguish a sequence of nonces generated by replicateM n (new >>= nonce128urlT) vs new >>= replicateM n . nonce128urlT However, 'new' is a _very_ expensive function. Your generateNonce function will have abysmal performance (and so will the first example above). Please avoid creating many generators. Cheers, -- Felipe.