Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: introduce Math.getRandomValues() #33

Merged
merged 3 commits into from
Oct 29, 2019
Merged

feat: introduce Math.getRandomValues() #33

merged 3 commits into from
Oct 29, 2019
+18 −2

Conversation

bcoe
Copy link
Collaborator

@bcoe bcoe commented Oct 12, 2019
edited
Loading

Coming out of conversations in #25, and #31, I would like to advocate that the best option I've heard so far for facilitating the need for a mockable, secure source of randomness, to act as a foundation for UUID algorithms, would be the introduction of an API identical to crypto.getRandomValues().

I'm looping in a couple fo the folks who have worked on the Web Cryptography API, to see if they have any additional advice 😄 ....

@mwatson (@mwatson2), @plehegar, to give you some context, we're working on a proposal to add cryptographically secure UUIDs to ECMAScript, and the idea has been floated that we use an API resembling crypto.getRandomValues() for the foundation of the algorithm.

see: #25, #31, #32

bcoe added 2 commits October 12, 2019 13:48
@bcoe
feat: introduce Math.getRandomValues()

Verified

This commit was signed with the committer’s verified signature.
alexanderbez Aleksandr Bezobchuk
GPG key ID: E9E1BA3149A22A84
Verified
Learn about vigilant mode
8d80a99
@bcoe
chore: fix links

Verified

This commit was signed with the committer’s verified signature.
alexanderbez Aleksandr Bezobchuk
GPG key ID: E9E1BA3149A22A84
Verified
Learn about vigilant mode
95906b1
@bcoe bcoe requested review from broofa, ctavan, sffc and bakkot October 12, 2019 21:00
@bcoe
Copy link
Collaborator Author

bcoe commented Oct 12, 2019

sorry for the spam @mwatson, meant to loop @mwatson2 into this thread.

ctavan
ctavan approved these changes Oct 13, 2019
View reviewed changes
@bcoe
chore: address review

Verified

This commit was signed with the committer’s verified signature.
alexanderbez Aleksandr Bezobchuk
GPG key ID: E9E1BA3149A22A84
Verified
Learn about vigilant mode
14add23
@bcoe
Copy link
Collaborator Author

bcoe commented Oct 16, 2019

@littledan @ljharb any opinions on this topic, I was wondering if there's prior art with regards to adopting a recommendation from W3C.

@ljharb
Copy link
Member

ljharb commented Oct 16, 2019

Not that I know of, but I'd expect to see the spec for it upstreamed, ie not have 262 just point to HTML.

@plehegar plehegar mentioned this pull request Oct 16, 2019
Open
@broofa broofa mentioned this pull request Oct 19, 2019
Merged
@ctavan ctavan mentioned this pull request Oct 19, 2019
Closed
@bcoe bcoe mentioned this pull request Oct 29, 2019
Open
@bcoe bcoe merged commit b14679f into master Oct 29, 2019
@bcoe bcoe deleted the thats-random branch October 29, 2019 04:53
This was referenced Oct 29, 2019
Closed
Closed
@littledan
Copy link
Member

Yes, I am all for this, but let's work closely with the WebCrypto people here. Do we want this to be the same function, or a similar function?

@ctavan ctavan mentioned this pull request Nov 25, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ctavan ctavan

@bakkot bakkot

@broofa broofa

@sffc sffc

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@bcoe @ljharb @littledan @ctavan @bakkot