[whatwg] crypto.getRandomValues feedback

Adam Barth w3c at adambarth.com
Mon Feb 20 20:18:31 PST 2012

I've updated http://wiki.whatwg.org/wiki/Crypto to have
getRandomValues return the array.


On Mon, Feb 20, 2012 at 2:51 PM, Jonas Sicking <jonas at sicking.cc> wrote:
> Hi All,
> For reference, much of this feedback has been given in the Firefox
> Bugzilla bug. See [1] and forward.
> Basically the in/out nature of the getRandomValues function looks very
> bad to me. This is inconsistent with almost every other JS API which
> uses return values rather than in/out arguments. The main exception
> that I can find is Array.splice, but this appears to be so that it can
> return the removed items.
> But the main thing that I dislike about in/out arguments over return
> values is that it makes coding with them very cumbersome. This is a
> common pattern in perl:
> $tempString = getSomeValue();
> $tempString =~ s/expression/;
> doStuff($tempString);
> This because the =~ operator doesn't return the result of the
> search'n'replace expression which is generally the value that you want
> to use. The same thing is the case with the getRandomValues API as it
> currently exists. The web JS will have to look something like this:
> var tempBuffer = new UInt8Array(65536);
> crypto.getRandomValues(tempBuffer);
> doStuff(tempBuffer);
> This can be greatly improved if we make getRandomValues return the
> buffer passed to it. That way the following code would work:
> doStuff(crypto.getRandomValues(new UInt8Array(65536)));
> This will also make it possible to nicely expand the API to take an
> integer which the API would use to create a buffer of the passed in
> size and fill that with random values. Not something we have to do
> right now, but would be easy to add later if we feel the need.
> [1] https://bugzilla.mozilla.org/show_bug.cgi?id=440046#c205
> / Jonas

More information about the whatwg mailing list