We currently have a cheesy random and secure random, which use the same implementation for generating random numbers. (We are going to ignore the mock testing code here). This patch introduces a fast random and secure random. The fast random maintains the same properties as the previous implementation, while secure random will use the cryptographically secure arc4random_uniform to give better randomness. arc4random() can be quite an expensive operation and based on discussing with Yusuke he found heavy performance penalties when using this in JSC. Our secure random shall only be used in cases where true randomness is needed. We have 2 spots where we currently use secure random we shall just migrate those over to using fast random.
Can we re-use WTF::WeakRandom for this (or reuse the alogrithm)?
Pull request: https://github.com/WebKit/WebKit/pull/379
(In reply to Geoffrey Garen from comment #1) > Can we re-use WTF::WeakRandom for this (or reuse the alogrithm)? We could probably reimplement the WeakRandom algorithm to replace the fast generator (just took a brief look at the code). The main goal of this patch was to separate the fast and secure random generator, and provide a suitable secure random generator. Replacing the fast random generator can be further investigated in a future patch.
OK, got it!
Committed r293518 (250049@main): <https://commits.webkit.org/250049@main> Reviewed commits have been landed. Closing PR #379 and removing active labels.
<rdar://problem/92406887>