Use Random.fraction() as random generator

RocketChat · Feb 16, 2022 · dc81c95 · dc81c95
1 parent fd07c98
commit dc81c95
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 33 deletions.
diff --git a/app/e2e/client/helper.js b/app/e2e/client/helper.js
@@ -1,10 +1,10 @@
 /* eslint-disable new-cap, no-proto */
 
-import * as crypto_module from 'crypto';
+// import * as crypto_module from 'crypto';
 
 import ByteBuffer from 'bytebuffer';
 
-import { words } from './wordList';
+import { getRandomFraction } from '../../../lib/random';
 
 const StaticArrayBufferProto = new ArrayBuffer().__proto__;
 
@@ -126,37 +126,15 @@ export async function readFileAsArrayBuffer(file) {
 	});
 }
 
-function hexString(digits) {
-	const numBytes = Math.ceil(digits / 2);
-	let bytes;
-	// Try to get cryptographically strong randomness. Fall back to
-	// non-cryptographically strong if not available.
-	try {
-		bytes = crypto_module.randomBytes(numBytes);
-	} catch (e) {
-		// XXX should re-throw any error except insufficient entropy
-		bytes = crypto_module.pseudoRandomBytes(numBytes);
-	}
-	const result = bytes.toString('hex');
-	// If the number of digits is odd, we'll have generated an extra 4 bits
-	// of randomness, so we need to trim the last digit.
-	return result.substring(0, digits);
-}
-
-// criptographically secure way of generating a number between 0-1( similar to Math.random())
-function fraction() {
-	const numerator = Number.parseInt(hexString(8), 16);
-	return numerator * 2.3283064365386963e-10; // 2^-3;
-}
-
-export function generateMnemonicPhrase(n, sep = ' ') {
+export async function generateMnemonicPhrase(n, sep = ' ') {
+	const { default: wordList } = await import('./wordList');
 	const result = new Array(n);
-	let len = words.length;
+	let len = wordList.length;
 	const taken = new Array(len);
 
 	while (n--) {
-		const x = Math.floor(fraction() * len);
-		result[n] = words[x in taken ? taken[x] : x];
+		const x = Math.floor(getRandomFraction() * len);
+		result[n] = wordList[x in taken ? taken[x] : x];
 		taken[x] = --len in taken ? taken[len] : len;
 	}
 	return result.join(sep);

diff --git a/app/e2e/client/rocketchat.e2e.js b/app/e2e/client/rocketchat.e2e.js
@@ -136,7 +136,7 @@ class E2E extends Emitter {
 		if (!this.db_public_key || !this.db_private_key) {
 			await call('e2e.setUserPublicAndPrivateKeys', {
 				public_key: Meteor._localStorage.getItem('public_key'),
-				private_key: await this.encodePrivateKey(Meteor._localStorage.getItem('private_key'), this.createRandomPassword()),
+				private_key: await this.encodePrivateKey(Meteor._localStorage.getItem('private_key'), await this.createRandomPassword()),
 			});
 		}
 
@@ -256,8 +256,8 @@ class E2E extends Emitter {
 		call('e2e.requestSubscriptionKeys');
 	}
 
-	createRandomPassword() {
-		const randomPassword = generateMnemonicPhrase(5);
+	async createRandomPassword() {
+		const randomPassword = await generateMnemonicPhrase(5);
 		Meteor._localStorage.setItem('e2e.randomPassword', randomPassword);
 		return randomPassword;
 	}

diff --git a/app/e2e/client/wordList.ts b/app/e2e/client/wordList.ts
@@ -1,4 +1,4 @@
-export const words = [
+export default [
 	'acrobat',
 	'africa',
 	'alaska',

diff --git a/lib/random.ts b/lib/random.ts
@@ -7,3 +7,10 @@ import { Random } from 'meteor/random';
  * @returns a unique identifier, such as `"Jjwjg6gouWLXhMGKW"`, that is likely to be unique in the whole world
  */
 export const getRandomId = (length?: number): string => Random.id(length);
+
+/**
+ * Facade for Meteor's `Random.fraction` function
+ *
+ * @returns a strong random number between 0 and 1
+ */
+export const getRandomFraction = (): number => Random.fraction();