Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

math/big: update to math/rand/v2 #70790

Open
robpike opened this issue Dec 11, 2024 · 7 comments
Open

math/big: update to math/rand/v2 #70790

robpike opened this issue Dec 11, 2024 · 7 comments
Assignees
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone

Comments

@robpike
Copy link
Contributor

robpike commented Dec 11, 2024

Go version

go version 1.23

Output of go env in your module/workspace:

N/A

What did you do?

I wanted to update robpike.io/ivy to math/rand/v2, but was inconvenienced by math/big/Int.Rand using the old random number generator. The type in the signature precludes using v2.

Compatibility of output aside, it should be easy to update, and also a good idea to keep the library consistent. math/rand/v2 is the right one to use.

What did you see happen?

Sadness and pain.

What did you expect to see?

Joy and clear skies.

@prattmic
Copy link
Member

math/rand.Rand and math/rand/v2.Rand are different types, so changing the signature of math/big.(*Int).Rand would be an incompatible change.

Is the idea here to add something like math/big.(*Int).RandV2 that takes a math/rand/v2.Rand?

@randall77
Copy link
Contributor

You could use crypto/rand.Int instead, possibly. That would require packing up something from math/rand/v2 as a io.Reader. Chacha8 implements io.Reader, but rand.Rand doesn't? Not sure why that is.

@griesemer griesemer added this to the Go1.25 milestone Dec 11, 2024
@robpike
Copy link
Contributor Author

robpike commented Dec 12, 2024

I believe it was to discourage people from just calling rand.Read to generate poor quality passwords.

@rsc
Copy link
Contributor

rsc commented Dec 12, 2024

Using crypto/rand.Int with crypto/rand.Reader seems fine.

@robpike
Copy link
Contributor Author

robpike commented Dec 12, 2024

One detail I need from ivy, as well as any simulation tool, is that I can seed it, which crypto/rand will not allow.

@rsc
Copy link
Contributor

rsc commented Dec 13, 2024

In that case, passing a seeded math/rand/v2.NewChaCha8 to crypto/rand.Int is probably best.

ChaCha8 implements Reader because as long as the seed is unpredictable,
it is strong enough to read arbitrary amounts of bytes without any appreciable
patterns or reverse analysis.

The same is not true of PCG, so PCG does not implement Reader.

@seankhliao
Copy link
Member

So the suggestion right now is:

bigRand, _ := crypto/rand.Int(math/rand/v2.NewChaCha8(seed), big.NewInt(maximum))

@seankhliao seankhliao added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Jan 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Development

No branches or pull requests

6 participants