Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: [SIW-1310] Generation of cryptographically secure UUIDs #170

Merged
merged 3 commits into from
Jan 27, 2025
Merged

chore: [SIW-1310] Generation of cryptographically secure UUIDs #170

merged 3 commits into from
Jan 27, 2025

Conversation

RiccardoMolinari95
Copy link
Collaborator

@RiccardoMolinari95 RiccardoMolinari95 commented Jan 2, 2025
edited
Loading

This PR replaces the library used for UUID generation. The react-native-uuid library, which relies on Math.random, is replaced with the uuid library, which utilizes Crypto.getRandomValues() for cryptographically secure random values.

List of Changes

  • Added react-native-get-random-values polyfill to use Crypto.getRandomValues()

Motivation and Context

This change is required to enhance the security of UUID generation. The previous library, react-native-uuid, uses a pseudo-random generator based on Math.random, which is not suitable for cryptographic purposes. The new library, uuid, uses Crypto.getRandomValues(), providing a higher level of randomness and security.

How Has This Been Tested?

All functionality should work as before

Warning

Not tested on iOS

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

@RiccardoMolinari95 RiccardoMolinari95 requested a review from a team as a code owner January 2, 2025 16:14
@RiccardoMolinari95 RiccardoMolinari95 self-assigned this Jan 2, 2025
mastro993
mastro993 approved these changes Jan 14, 2025
View reviewed changes
Copy link
Contributor

@mastro993 mastro993 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, tested on iOS and everything work as expected. Great job

@mastro993 mastro993 added this pull request to the merge queue Jan 27, 2025
Merged via the queue into master with commit 56ad858 Jan 27, 2025
6 checks passed
@mastro993 mastro993 deleted the SIW-1310-secure-uuid-generation branch January 27, 2025 15:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mastro993 mastro993 mastro993 approved these changes

@datalek datalek Awaiting requested review from datalek datalek is a code owner automatically assigned from pagopa/io-wallet

@manuraf manuraf Awaiting requested review from manuraf manuraf is a code owner automatically assigned from pagopa/io-wallet

Assignees

@RiccardoMolinari95 RiccardoMolinari95

Labels
chore example
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@RiccardoMolinari95 @mastro993