Browse Source
Generating random numbers properly depends on the platform. The new getRandomBuffer method does the right thing on the right platform. It will sometimes fail due to insufficient entropy. The getPseudoRandomBuffer class is also provided that will never fail, but it is not cryptographically secure and should not be used for keys.patch-2
Ryan X. Charles
11 years ago
11 changed files with 130 additions and 33 deletions
@ -0,0 +1,5 @@ |
|||||
|
if (process.versions) { |
||||
|
module.exports = require('./node/SecureRandom'); |
||||
|
return; |
||||
|
} |
||||
|
module.exports = require('./browser/SecureRandom'); |
@ -0,0 +1,23 @@ |
|||||
|
var imports = require('soop'); |
||||
|
|
||||
|
var SecureRandom = require('../common/SecureRandom'); |
||||
|
|
||||
|
SecureRandom.getRandomBuffer = function(size) { |
||||
|
if (!window.crypto && !window.msCrypto) |
||||
|
throw new Error('window.crypto not available'); |
||||
|
|
||||
|
if (window.crypto && window.crypto.getRandomValues) |
||||
|
var crypto = window.crypto; |
||||
|
else if (window.msCrypto && window.msCrypto.getRandomValues) //internet explorer
|
||||
|
var crypto = window.msCrypto; |
||||
|
else |
||||
|
throw new Error('window.crypto.getRandomValues not available'); |
||||
|
|
||||
|
var bbuf = new Uint8Array(size); |
||||
|
crypto.getRandomValues(bbuf); |
||||
|
var buf = new Buffer(bbuf); |
||||
|
|
||||
|
return buf; |
||||
|
}; |
||||
|
|
||||
|
module.exports = require('soop')(SecureRandom); |
@ -0,0 +1,28 @@ |
|||||
|
var imports = require('soop'); |
||||
|
|
||||
|
var SecureRandom = function() { |
||||
|
}; |
||||
|
|
||||
|
/* secure random bytes that sometimes throws an error due to lack of entropy */ |
||||
|
SecureRandom.getRandomBuffer = function() {}; |
||||
|
|
||||
|
/* insecure random bytes, but it never fails */ |
||||
|
SecureRandom.getPseudoRandomBuffer = function(size) { |
||||
|
var b32 = 0x100000000; |
||||
|
var b = new Buffer(size); |
||||
|
|
||||
|
for (var i = 0; i <= size; i++) { |
||||
|
var j = Math.floor(i / 4); |
||||
|
var k = i - j * 4; |
||||
|
if (k == 0) { |
||||
|
r = Math.random() * b32; |
||||
|
b[i] = r & 0xff; |
||||
|
} else { |
||||
|
b[i] = (r = r >>> 8) & 0xff; |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
return b; |
||||
|
}; |
||||
|
|
||||
|
module.exports = require('soop')(SecureRandom); |
@ -0,0 +1,10 @@ |
|||||
|
var imports = require('soop'); |
||||
|
var crypto = imports.crypto || require('crypto'); |
||||
|
|
||||
|
var SecureRandom = require('../common/SecureRandom'); |
||||
|
|
||||
|
SecureRandom.getRandomBuffer = function(size) { |
||||
|
return crypto.randomBytes(size); |
||||
|
} |
||||
|
|
||||
|
module.exports = require('soop')(SecureRandom); |
@ -0,0 +1,57 @@ |
|||||
|
'use strict'; |
||||
|
|
||||
|
var chai = chai || require('chai'); |
||||
|
var bitcore = bitcore || require('../bitcore'); |
||||
|
var should = chai.should(); |
||||
|
var assert = chai.assert; |
||||
|
var SecureRandom = bitcore.SecureRandom; |
||||
|
|
||||
|
describe('SecureRandom', function() { |
||||
|
|
||||
|
describe('getRandomBuffer', function() { |
||||
|
|
||||
|
it('should return a buffer', function() { |
||||
|
var bytes = SecureRandom.getRandomBuffer(8); |
||||
|
bytes.length.should.equal(8); |
||||
|
Buffer.isBuffer(bytes).should.equal(true); |
||||
|
}); |
||||
|
|
||||
|
it('should not equate two 256 bit random buffers', function() { |
||||
|
var bytes1 = SecureRandom.getRandomBuffer(32); |
||||
|
var bytes2 = SecureRandom.getRandomBuffer(32); |
||||
|
bytes1.toString('hex').should.not.equal(bytes2.toString('hex')); |
||||
|
}); |
||||
|
|
||||
|
}); |
||||
|
|
||||
|
describe('getPseudoRandomBuffer', function() { |
||||
|
|
||||
|
it('should generate 7 random bytes', function() { |
||||
|
var buf = SecureRandom.getPseudoRandomBuffer(7); |
||||
|
buf.length.should.equal(7); |
||||
|
}); |
||||
|
|
||||
|
it('should generate 8 random bytes', function() { |
||||
|
var buf = SecureRandom.getPseudoRandomBuffer(8); |
||||
|
buf.length.should.equal(8); |
||||
|
}); |
||||
|
|
||||
|
it('should generate 9 random bytes', function() { |
||||
|
var buf = SecureRandom.getPseudoRandomBuffer(9); |
||||
|
buf.length.should.equal(9); |
||||
|
}); |
||||
|
|
||||
|
it('should generate 90 random bytes', function() { |
||||
|
var buf = SecureRandom.getPseudoRandomBuffer(90); |
||||
|
buf.length.should.equal(90); |
||||
|
}); |
||||
|
|
||||
|
it('should generate two 8 byte buffers that are not equal', function() { |
||||
|
var buf1 = SecureRandom.getPseudoRandomBuffer(8); |
||||
|
var buf2 = SecureRandom.getPseudoRandomBuffer(8); |
||||
|
buf1.toString('hex').should.not.equal(buf2.toString('hex')); |
||||
|
}); |
||||
|
|
||||
|
}); |
||||
|
|
||||
|
}); |
Loading…
Reference in new issue