Better random string generation #28

Closed
wants to merge 4 commits into
from

Projects

None yet

1 participant

@aw
aw commented Aug 11, 2014

I'm a bit worried about Speakeasy's method of generating a random secret key.

Node.JS ships with a great library for handling that.

Here are the changes I've included:

  • New function called generate_random_key() which uses crypto.randomBytes() to create a truly random string
  • Modified generate_key() to use generate_random_key() instead of generate_key_ascii()
  • The length parameter is now relevant for the hex key instead of ascii
  • The symbols option still exists, but it's basically unused (which makes this change API-compatible)
  • Removed some unused functions
  • Updated the dependency version of thirty-two because it now returns a buffer instead of a string.

The only caveat so far is it's now impossible to have an ascii key with symbols (alphanumeric only).

@aw
aw commented Aug 13, 2014

I think i'll wait for version 2 before using this library.

@aw aw closed this Aug 13, 2014
@aw aw changed the title from Better random string generatation to Better random string generation Jan 15, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment