You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
sioutil: add Random and MustRandom helper functions
This commit adds two helper functions for generating
random bytes.
As a user of `sio` you may need to generate a random nonce:
```
import "crypto/rand"
nonce := make([]byte, stream.NonceSize())
if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
// TODO: error handling
}
```
Such code is quite tedious to write / verbose and has two style
issues:
- It requires some care to ALWAYS use "crypto/rand" as source
of entropy. Especially, with editor / IDE tooling like goimports
it is easy to import an insecure (b/c no CSPRNG) entropy source.
- Often applications cannot / do not implement reasonable error
handling. Usually, an application cannot recover into a reasonable
state when it cannot read from the entropy source of the system.
This situation is kind of similar to running out-of-memory.
With the new helper functions a library (which may prefer to not panic)
can do just:
```
nonce, err := sioutil.Random(stream.NonceSize())
if err != nil {
// TODO: error handling - usually return to caller.
}
```
An application may want to call:
`nonce := sioutil.MustRandom(stream.NonceSize())` instead.
0 commit comments