On Wednesday, August 3, 2011 12:15:32 PM UTC+2, Jorge wrote: > > From http://en.wikipedia.org/wiki//dev/random : "The intent is to serve > as a cryptographically secure pseudorandom number generator, delivering > output with entropy as large as possible. This is suggested for use in > generating cryptographic keys for high-value or long-term protection" > > $ node > >function getRandomBytes (howMany) { > var fs= require('fs'); > var bytes= new Buffer(howMany); > var fd= fs.openSync('/dev/random', 'r'); > This is unnecessary, node.js crypto API has a http://nodejs.org/docs/v0.6.1/api/crypto.html#randomBytes function that uses OpenSSL RAND_bytes() to handle this task correctly. It internally uses /dev/urandom or whatever is appropriate for the given platform, is cryptographically strong and won't block on some systems when system entropy pool is depleted (like your example would).
Example use to generate a string: http://stackoverflow.com/questions/8855687/secure-random-token-in-node-js -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
