Merge pull request #173 from crypto-browserify/randomfill

dcousens · web-flow · commit 8800190c99e6 · 2017-11-02T12:28:24.000+11:00
add rndom fill
diff --git a/.travis.yml b/.travis.yml
@@ -17,7 +17,7 @@ matrix:
     - node_js: '4'
       env: TEST_SUITE=browser BROWSER_NAME=firefox BROWSER_VERSION="-2..latest"
     - node_js: '4'
-      env: TEST_SUITE=browser BROWSER_NAME=safari BROWSER_VERSION="5..latest"
+      env: TEST_SUITE=browser BROWSER_NAME=safari BROWSER_VERSION="7..latest"
     - node_js: '4'
       env: TEST_SUITE=browser BROWSER_NAME=android BROWSER_VERSION="5.0..latest"
 script: "npm run-script $TEST_SUITE"
diff --git a/index.js b/index.js
@@ -65,6 +65,11 @@ exports.privateDecrypt = publicEncrypt.privateDecrypt
 //   }
 // })
 
+var rf = require('randomfill')
+
+exports.randomFill = rf.randomFill
+exports.randomFillSync = rf.randomFillSync
+
 exports.createCredentials = function () {
   throw new Error([
     'sorry, createCredentials is not implemented yet',
diff --git a/package.json b/package.json
@@ -27,11 +27,13 @@
     "inherits": "^2.0.1",
     "pbkdf2": "^3.0.3",
     "public-encrypt": "^4.0.0",
-    "randombytes": "^2.0.0"
+    "randombytes": "^2.0.0",
+    "randomfill": "^1.0.3"
   },
   "devDependencies": {
     "hash-test-vectors": "~1.3.2",
     "pseudorandombytes": "^2.0.0",
+    "safe-buffer": "^5.1.1",
     "standard": "^5.0.2",
     "tape": "~2.3.2",
     "zuul": "^3.6.0"
diff --git a/test/index.js b/test/index.js
@@ -12,6 +12,7 @@ try {
   require('./public-encrypt')
   require('./random-bytes')
   require('./sign')
+  require('./random-fill')
 } catch (e) {
   console.log('no secure rng avaiable')
 }
diff --git a/test/random-fill.js b/test/random-fill.js
@@ -0,0 +1,53 @@
+var test = require('tape')
+var crypto = require('../')
+var Buffer = require('safe-buffer').Buffer
+
+test('get error message', function (t) {
+  try {
+    var b = crypto.randomFillSync(Buffer.alloc(10))
+    t.ok(Buffer.isBuffer(b))
+    t.end()
+  } catch (err) {
+    t.ok(/not supported/.test(err.message), '"not supported"  is in error message')
+    t.end()
+  }
+})
+
+test('randomfill', function (t) {
+  t.plan(5)
+  t.equal(crypto.randomFillSync(Buffer.alloc(10)).length, 10)
+  t.ok(Buffer.isBuffer(crypto.randomFillSync(Buffer.alloc(10))))
+  crypto.randomFill(Buffer.alloc(10), function (ex, bytes) {
+    t.error(ex)
+    t.equal(bytes.length, 10)
+    t.ok(Buffer.isBuffer(bytes))
+    t.end()
+  })
+})
+
+test('seems random', function (t) {
+  var L = 1000
+  var b = crypto.randomFillSync(Buffer.alloc(L))
+
+  var mean = [].reduce.call(b, function (a, b) {
+    return a + b
+  }, 0) / L
+
+  // test that the random numbers are plausably random.
+  // Math.random() will pass this, but this will catch
+  // terrible mistakes such as this blunder:
+  // https://github.com/dominictarr/crypto-browserify/commit/3267955e1df7edd1680e52aeede9a89506ed2464#commitcomment-7916835
+
+  // this doesn't check that the bytes are in a random *order*
+  // but it's better than nothing.
+
+  var expected = 256 / 2
+  var smean = Math.sqrt(mean)
+
+  // console.log doesn't work right on testling, *grumble grumble*
+  console.log(JSON.stringify([expected - smean, mean, expected + smean]))
+  t.ok(mean < expected + smean)
+  t.ok(mean > expected - smean)
+
+  t.end()
+})

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@ try {`
`12`	`12`	`require('./public-encrypt')`
`13`	`13`	`require('./random-bytes')`
`14`	`14`	`require('./sign')`
	`15`	`+ require('./random-fill')`
`15`	`16`	`} catch (e) {`
`16`	`17`	`console.log('no secure rng avaiable')`
`17`	`18`	`}`