Unique random string generation

by

Update 2016/1/23

If you find this answer useful, you may be interested in a simple (~500 SLOC) password generation library I published:

Install-Package MlkPwgen

Then you can generate random strings just like in the answer below:

var str = PasswordGenerator.Generate(length: 10, allowed: Sets.Alphanumerics);

One advantage of the library is that the code is better factored out so you can use secure randomness for more than generating strings. Check out the project site for more details.

Original Answer

Since no one has provided secure code yet, I post the following in case anyone finds it useful.

string RandomString(int length, string allowedChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") {
    if (length < 0) throw new ArgumentOutOfRangeException("length", "length cannot be less than zero.");
    if (string.IsNullOrEmpty(allowedChars)) throw new ArgumentException("allowedChars may not be empty.");

    const int byteSize = 0x100;
    var allowedCharSet = new HashSet<char>(allowedChars).ToArray();
    if (byteSize < allowedCharSet.Length) throw new ArgumentException(String.Format("allowedChars may contain no more than {0} characters.", byteSize));

    // Guid.NewGuid and System.Random are not particularly random. By using a
    // cryptographically-secure random number generator, the caller is always
    // protected, regardless of use.
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create()) {
        var result = new StringBuilder();
        var buf = new byte[128];
        while (result.Length < length) {
            rng.GetBytes(buf);
            for (var i = 0; i < buf.Length && result.Length < length; ++i) {
                // Divide the byte into allowedCharSet-sized groups. If the
                // random value falls into the last group and the last group is
                // too small to choose from the entire allowedCharSet, ignore
                // the value in order to avoid biasing the result.
                var outOfRangeStart = byteSize - (byteSize % allowedCharSet.Length);
                if (outOfRangeStart <= buf[i]) continue;
                result.Append(allowedCharSet[buf[i] % allowedCharSet.Length]);
            }
        }
        return result.ToString();
    }
}

Thanks to Ahmad for pointing out how to get the code working on .NET Core.

More Related Contents:

  1. Getting same numbers from random number generator even though it’s out of the loop. Why? [closed]
  2. Random number generator only generating one random number
  3. How do I generate a random int number?
  4. Generating random, unique values C#
  5. How to access random item in list?
  6. Is C# Random Number Generator thread safe?
  7. Best way to randomize an array with .NET
  8. Select N random elements from a List in C#
  9. How do I seed a random class to avoid getting duplicate random values [duplicate]
  10. Random String Generator Returning Same String [duplicate]
  11. How do I generate a random integer in C#?
  12. Produce a random number in a range using C#
  13. Random Number Between 2 Double Numbers
  14. Generate N random and unique numbers within a range
  15. Random Numbers in Unity3D?
  16. C# Random Numbers aren’t being “random”
  17. How do I select a random value from an enumeration?
  18. Pick Random String From Array
  19. Why is the System.Random class not static?
  20. Random number generator in C# – unique values
  21. Random Number Generation – Same Number returned [duplicate]
  22. Non-repetitive random number
  23. Random slot algorithm
  24. Why does Random.Next() always return the same number [duplicate]
  25. Pros and cons of RNGCryptoServiceProvider
  26. Multiple random numbers are the same [duplicate]
  27. linq: order by random
  28. Making an array of random ints
  29. Generate distinctly different RGB colors in graphs
  30. Correct way to use Random in multithread application [duplicate]

Leave a Comment