[whatwg] Cryptographically strong random numbers

Glenn Maynard glenn at zewt.org
Fri Feb 11 04:32:12 PST 2011


On Fri, Feb 11, 2011 at 6:38 AM, Adam Barth <w3c at adambarth.com> wrote:

> Just to followup on this thread, I've landed this feature in WebKit.
> I'm not sure whether it made it into tonight's nightly, but it should
> be in a nightly shortly.  The IDL for the API is as follows:
>
> interface Crypto {
>  void getRandomValues(in ArrayBufferView array) raises(DOMException);
> };
>
> If the ArrayBufferView isn't a Uint8Array or if the user agent is
> unable to obtain "true" randomness from the OS, getRandomValues throws
> an exception (VALIDATION_ERR in the former case and NOT_SUPPORTED_ERR
> in the latter case).
>

Rather than raising NOT_SUPPORTED_ERR, would it be better to follow the
example from other specs: to omit the function entirely if the feature is
disabled?  (Specifically, "When support for a feature is disabled (e.g. as
an emergency measure to mitigate a security problem, or to aid in
development, or for performance reasons), user agents must act as if they
had no support for the feature whatsoever, and as if the feature was not
mentioned in this specification.")

That's nicer for checking whether the function exists to check support.
Otherwise, you have to make a dummy call to check support.  It also means
you only need to check support in one way--since you'll need to check
whether the function exists anyway.

-- 
Glenn Maynard



More information about the whatwg mailing list