Get random characters using relevance

jgstew · February 21, 2017, 12:33am

New inspectors were added in version 9.5.3.211 to get random values using BigFix relevance: https://developer.bigfix.com/relevance/reference/integer.html#random-integer-of-integer-integer

These inspectors are not yet available on all platforms (Mac) and are not super useful if you have to write relevance to work on previous versions of BigFix.

That said, here is a method to get 10 random characters using that method: https://bigfix.me/relevance/details/3019528

concatenations of (characters it) of (it + 33 /* int to ASCII table position */ ) of (random integer of it) of (94) /* <-character set */ of integers to 9 /* <-length */

If we don’t need perfect cryptographic randomness, then what is an alternative method to get random characters using older versions of BigFix?

The best way to get randomness using BigFix is to combine as many possible sources of semi-random data using a hashing function. If you only need to support BigFix v9.0.586.0+ then the sha2_512 and sha2_256 hashing functions are available, otherwise sha1 is available for BigFix v8.2.1078.0+

Sources of semi-randomness:

###computer id:

Q: computer id
A: 12345

###uptime of operating system:

Q: uptime of operating system / second
A: 2952805

subscribe times of sites:

Q: (now - minimum of subscribe times of sites) / second
A: 50737777

last gather time of current site:

Q: (now - last gather time of current site) / second
A: 7576

expiration date of client license

Q: (now - expiration date of client license) / second
A: -314213597

pids of processes

Q: sum of pids of processes
A: 2907920

used amount of ram:

Q: used amount of ram
A: 345382912

last report time of client:

Q: (now - last report time of client) / second
A: 7

average of evaluationcycle of client:

Q: average of evaluationcycle of client
A: 1243655

effective dates of settings of clients:

Q: sum of (it / second) of (now - it) of effective dates of settings of clients
A: 12214814002

Others:

https://developer.bigfix.com/relevance/reference/time.html#last-relay-select-time-time
https://developer.bigfix.com/relevance/reference/time.html#last-report-time-of-client-time
https://developer.bigfix.com/relevance/reference/time.html#start-date-of-license-time
concatenations of mac addresses of adapters of networks

Once, you have “enough” sources of semi-randomness, then combine them:

Q: (base64 encode it) of sha1s of concatenations of sha1s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: MzI4YzZjMzgxYzVhZDlkMDRjMDkyYTA0YTg4NzdhOGJhNWQwZTRhYw==

This will work as long as you need less than ~50 characters

Q: (base64 encode it) of sha2_512s of concatenations of sha2_512s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: MTM2MjZlNDQ5NzhmODQxNzc1NmJjOWQ2ZDNhYWM0MWIxMzY1Y2Y2MzJiMTM1YzdiMTQ4MTg0YWRhYjQ1MGIwNzMxNzc3MzNkN2EwZWRkMWViMDlmZThkYzFiOWNkZjYxMzg1ZTcyZDZhNmI0ZWQ0OTAxMGU0ZWJhMDdlYTMyNDY=

This will work with ~170 characters

There may be a better option to expand the character set of the hash than base64 encode but that is definitely the easiest.

To get the first 20 characters:

Q: firsts 20 of (base64 encode it) of sha2_512s of concatenations of sha2_512s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: ZjViYzAxNzYzNjQxZjFk

This should give up to ~50 random characters using random operators with fallback:

Q: last 50 of (if ( exists properties whose(it as string = "random integer of <integer>: integer") ) then (concatenation of (characters it) of (it + 33 /* int to ASCII table position */ ) of (random integer of it) of (94) /* <-character set */ of integers to 52) else ( (base64 encode it) of (sha2_512 of it | sha1 of it) of concatenation of (sha2_512 of it | sha1 of it) of (it as string) of ( (computer id);(uptime of operating system / second);((now - minimum of subscribe times of sites) / second);((now - last gather time of current site) / second);((now - expiration date of client license) / second);(sum of pids of processes);(size of ram);((now - last report time of client) / second);(average of evaluationcycle of client);(sum of (it / second) of (now - it) of effective dates of settings of clients) ) ))
A: ^1Uz~4mHWXN%7fIS+Xiz(*jB,uV\gIQrBnU#*cCZ}(ruscYZC~{e
T: 0.423 ms

This SHOULD work for BigFix v8.2+

If you are going to use something like this for a password or similar, then the longer the better.