Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add secure random number generator as extension #32

Merged
merged 4 commits into from Jan 3, 2018
Merged

add secure random number generator as extension #32

merged 4 commits into from Jan 3, 2018

Conversation

johnxnguyen
Copy link
Contributor

What's in this PR?

I've added an extension to UInt to provide a secure random number generator with an upper bound and no modulo bias. This was suggested by @vytis and I've used this page as a guide.

@vytis
Copy link
Contributor

vytis commented Jan 2, 2018

Would be good if @marcoconti83 or @raphaelrobert could check it for any deficiencies.

@wire-bot
Copy link
Contributor

wire-bot commented Jan 2, 2018
edited

1 Warning
⚠️ Source/NSOrderedSet+Zeta.m#L102: nil returned from a method that is expected to return a non-null value
return best;

Generated by 🚫 Danger

@typfel
Copy link
Member

typfel commented Jan 2, 2018

I guess I missed the previous discussion but why can't we use arc4random_uniform directly?

@johnxnguyen
Copy link
Contributor Author

@typfel although arc4random_uniform is free of modulo bias, I don't think it's really considered random enough for crypto purposes

@vytis
Copy link
Contributor

vytis commented Jan 2, 2018

Basically to be on the safe side and use cryptographically safe random numbers. arc4random is not safe I think.

@typfel
Copy link
Member

typfel commented Jan 2, 2018

Ok

@johnxnguyen
Copy link
Contributor Author

Also, I'm not sure how to test this, is there something we can test?

@marcoconti83
Copy link
Member

What are you going to use this function for? Where do you need a random UInt?

@johnxnguyen
Copy link
Contributor Author

@marcoconti83 when we obfuscate a text message, we use a random array index to replace each non-whitespace character with a random alphabetic character

@mikeger mikeger merged commit b356ffc into develop Jan 3, 2018
@mikeger mikeger deleted the feature/secure+random+integer branch January 3, 2018 08:08
zenkins added a commit that referenced this pull request Jan 3, 2018
@zenkins
Release 18.2.0: It smells like a illegal revolution
131cff8 
Diff with previous:
18.1.1...18.2.0

Commits:
	b356ffc Merge pull request #32 from wireapp/feature/secure+random+integer
	17e6734 add tests
	4ecd036 guard against division by zero
	1eb9b70 use overflow operator
	9ce8dfd add secure random number generator as extension
	a6155c0 Merge pull request #31 from wireapp/feature/circleci
	300baed Fix test results directory
	0fffe38 Update config
	f03a108 Added CircleCI 2.0 config
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mikeger mikeger mikeger approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@johnxnguyen @vytis @wire-bot @typfel @marcoconti83 @mikeger