decide.nolog.cz/app/utils/generate-passphrase.js

/*
 * generates a passphrase
 *
 * uses window.crypto.getRandomValues() if it's supported by current browsers
 * otherwise uses a fallback to Math.floor() which is not cryptographically strong
 *
 * implementation by Aaron Toponce:
 *   https://pthree.org/2014/06/25/cryptographically-secure-passphrases-in-d-note/
 */
export default function (length) {
  let passphrase = '';
  const possible =
    'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
  const randomArray = new Uint32Array(length);

  // Make some attempt at preferring a strong CSPRNG first
  if (window.crypto && window.crypto.getRandomValues) {
    // Desktop Chrome 11.0, Firefox 21.0, Opera 15.0, Safari 3.1
    // Mobile Chrome 23, Firefox 21.0, iOS 6
    window.crypto.getRandomValues(randomArray);
  } else if (window.msCrypto && window.msCrypto.getRandomValues) {
    // IE 11
    window.msCrypto.getRandomValues(randomArray);
  } else {
    // Android browser, IE Mobile, Opera Mobile, older desktop browsers
    for (let i = length; i--; ) {
      randomArray[i] = Math.floor(Math.random() * Math.pow(2, 32));
    }
  }

  for (let j = length; j--; ) {
    passphrase += possible.charAt(Math.floor(randomArray[j] % possible.length));
  }

  return passphrase;
}
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00			`/*`
			`* generates a passphrase`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`*`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00			`* uses window.crypto.getRandomValues() if it's supported by current browsers`
			`* otherwise uses a fallback to Math.floor() which is not cryptographically strong`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`*`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00			`* implementation by Aaron Toponce:`
			`* https://pthree.org/2014/06/25/cryptographically-secure-passphrases-in-d-note/`
			`*/`
upgrade to Ember 3.28 blueprints (#647) 2023-10-15 20:37:03 +02:00			`export default function (length) {`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`let passphrase = '';`
upgrade to Ember 3.28 blueprints (#647) 2023-10-15 20:37:03 +02:00			`const possible =`
			`'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`const randomArray = new Uint32Array(length);`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`// Make some attempt at preferring a strong CSPRNG first`
			`if (window.crypto && window.crypto.getRandomValues) {`
			`// Desktop Chrome 11.0, Firefox 21.0, Opera 15.0, Safari 3.1`
			`// Mobile Chrome 23, Firefox 21.0, iOS 6`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`window.crypto.getRandomValues(randomArray);`
			`} else if (window.msCrypto && window.msCrypto.getRandomValues) {`
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`// IE 11`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`window.msCrypto.getRandomValues(randomArray);`
			`} else {`
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`// Android browser, IE Mobile, Opera Mobile, older desktop browsers`
upgrade to Ember 3.28 blueprints (#647) 2023-10-15 20:37:03 +02:00			`for (let i = length; i--; ) {`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`randomArray[i] = Math.floor(Math.random() * Math.pow(2, 32));`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00			`}`
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`}`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00
upgrade to Ember 3.28 blueprints (#647) 2023-10-15 20:37:03 +02:00			`for (let j = length; j--; ) {`
fix some more code style issues 2016-01-28 23:48:14 +01:00			`passphrase += possible.charAt(Math.floor(randomArray[j] % possible.length));`
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`}`
stronger passphrase using window.crypto if supported by browser 2015-01-24 14:17:52 +01:00
fix some more code style issues 2016-01-28 23:48:14 +01:00			`return passphrase;`
intend by 2 spaces 2015-07-07 11:52:46 +02:00			`}`