Skip to content

Latest commit

 

History

History
96 lines (96 loc) · 4.4 KB

imports.md

File metadata and controls

96 lines (96 loc) · 4.4 KB

World imports

Import interface wasi:random/[email protected]

WASI Random is a random data API.

It is intended to be portable at least between Unix-family platforms and Windows.


Functions

get-random-bytes: func

Return len cryptographically-secure random or pseudo-random bytes.

This function must produce data at least as cryptographically secure and fast as an adequately seeded cryptographically-secure pseudo-random number generator (CSPRNG). It must not block, from the perspective of the calling program, under any circumstances, including on the first request and on requests for numbers of bytes. The returned data must always be unpredictable.

This function must always return fresh data. Deterministic environments must omit this function, rather than implementing it with deterministic data.

Params
  • len: u64
Return values
  • list<u8>

get-random-u64: func

Return a cryptographically-secure random or pseudo-random u64 value.

This function returns the same type of data as get-random-bytes, represented as a u64.

Return values
  • u64

Import interface wasi:random/[email protected]

The insecure interface for insecure pseudo-random numbers.

It is intended to be portable at least between Unix-family platforms and Windows.


Functions

get-insecure-random-bytes: func

Return len insecure pseudo-random bytes.

This function is not cryptographically secure. Do not use it for anything related to security.

There are no requirements on the values of the returned bytes, however implementations are encouraged to return evenly distributed values with a long period.

Params
  • len: u64
Return values
  • list<u8>

get-insecure-random-u64: func

Return an insecure pseudo-random u64 value.

This function returns the same type of pseudo-random data as get-insecure-random-bytes, represented as a u64.

Return values
  • u64

Import interface wasi:random/[email protected]

The insecure-seed interface for seeding hash-map DoS resistance.

It is intended to be portable at least between Unix-family platforms and Windows.


Functions

insecure-seed: func

Return a 128-bit value that may contain a pseudo-random value.

The returned value is not required to be computed from a CSPRNG, and may even be entirely deterministic. Host implementations are encouraged to provide pseudo-random values to any program exposed to attacker-controlled content, to enable DoS protection built into many languages' hash-map implementations.

This function is intended to only be called once, by a source language to initialize Denial Of Service (DoS) protection in its hash-map implementation.

Expected future evolution

This will likely be changed to a value import, to prevent it from being called multiple times and potentially used for purposes other than DoS protection.

Return values
  • (u64, u64)