Phobos randomUUID is not suitable to generate secrets

Seb seb at wilzba.ch
Sat Sep 5 17:06:19 UTC 2020


On Saturday, 5 September 2020 at 10:41:34 UTC, Johannes Pfau 
wrote:
>
> 3) Optionally: Implement a Secure, System based RNG.
>
> I'll open a pull request for steps 1-2 today, so that the 
> immediate problem is solved. I'll also have a look how 
> difficult it is to do 3).

Have a look at these two well-tested implementations:

https://github.com/libmir/mir-random/blob/master/source/mir/random/engine/package.d
https://github.com/vibe-d/vibe.d/blob/master/crypto/vibe/crypto/cryptorand.d

You could even copy-paste one of them into Phobos as Vibe.d's 
implementation is based on Mir's which in turn is Boost-licensed.


More information about the Digitalmars-d mailing list