W3C home > Mailing lists > Public > whatwg@whatwg.org > February 2011

[whatwg] Cryptographically strong random numbers

From: Cedric Vivier <cedricv@neonux.com>
Date: Sat, 5 Feb 2011 13:00:05 +0800
Message-ID: <AANLkTiksATsR8p2jbb8Pj=paKojY_F+KmB+vu0C1De98@mail.gmail.com>

On Sat, Feb 5, 2011 at 08:42, Adam Barth <w3c at adambarth.com> wrote:
> interface Crypto {
> ?Float32Array getRandomFloat32Array(in long length);
> ?Uint8Array getRandomUint8Array(in long length);
> };

I think the API would be more flexible and more future-proof defined as :

interface Crypto {
    void getRandomValues(in ArrayBufferView data);

getRandomValues(in ArrayBufferView data)
Fills a typed array with a cryptographically strong sequence of random values.
The length of the array determines how many cryptographically strong
random values are produced.

We had same discussion when defining readPixels API in WebGL.

Advantages :
1) this allows to reuse the same array over and over when necessary,
or circular buffer, instead of trashing the GC with new allocations
everytime one wants new random bytes.
2) this allows to fill any integer array directly (Float*Array might
need more specification here though as Boris pointed out - could be
disallowed initially)
3) this avoids exposing N methods for every type and makes refactoring
simpler (changing the array type does not require changing the
function call)

(and also better matches most existing crypto APIs in other languages
that are also given an array to fill rather than returning an array)

Received on Friday, 4 February 2011 21:00:05 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:30 UTC