[whatwg] Cryptographically strong random numbers

Cedric Vivier cedricv at neonux.com
Wed Feb 16 18:30:00 PST 2011


On Thu, Feb 17, 2011 at 08:29, Allen Wirfs-Brock <allen at wirfs-brock.com> wrote:
>  Array.randomFill= function (length){...};
>
> This would create a new array of the specified length where each element is a random value in some range.  I propose that this range be 0..65535 as these are easily manipulatable (and optimizable) values  that are likely to have some degree of optimization in all implementations.  I don't really see why other element ranges need to be supported as they are easily constructed these values.  However, if strong use cases (endianness??) can be made for the utility of natively supporting multiple element ranges then we could either add more functions:
>  Array.randomFill8(length)
>  Array.randomFill24(length)
>  Array.randomFill32(length)
> or accept an optimal second parameter that specifies the desired bit width:
>  Array.randomFill(length, bitWidth  /*1 .. (32?, 48?, 53?) */)
>
> I would recommend keeping it simple and avoiding such non-essential tweaks.
>
> There was some (it didn't seem very serious) concerns about the cost of array allocation for such calls.  I would point out  that creating a new array is already the technique used in ECMAScript for most somewhat comparable situations such as the results of RegExp matches, the set of items deleted by slice, etc. Others might invoke words about the desirability of a functional style...


As Glenn pointed out, efficiency is just one part of the concern.
Flexibility is the main one. The fact you struggle to propose an API
that can satisfy everyone with 4 different randomFill functions rings
'code smell' to me.

You are making policy decisions on what kind of values (eg "only
0..65535") you can get from it and might severely hamper use cases
where efficiency is important (eg. just on top of my head, _stream_
random data to WebGL or WebGL) while it is always possible to create
an array before the call if you want to (or write a 3 line wrapper to
do that).

In fact most other languages/frameworks work this way, and I'm not
sure it makes sense in the first place to have this kind of specific
'seldom used' function in the language and/or such a basic and
commonly used type as Array, compared to have it in a type providing
crypto features (eg. <global>.crypto).


Regards,


More information about the es-discuss mailing list