Secure random number generation.

[elliotwutingfeng]

Summary

• Add a Node-compatible secure Random implementation that uses Node's crypto.randomInt(); all other JS platforms are compatible with the default Random.secure().
• Avoid mixing predictable datetime output with CSPRNG output.

Tested with

dart test -p vm,chrome,node -c kernel,dart2js,dart2wasm test/random/random_test.dart

Changes

• generator_vm.dart
  • Avoid mixing predictable datetime output with CSPRNG output.
• generator_js.dart
  • Avoid mixing predictable datetime output with CSPRNG output.
  • Added NodeRandom as an implementation of Random for NodeJS.
  • nextInt(max) draws 32-bit values from Node crypto, supports max ∈ [1, 2^32].
  • secureRandom() uses Random.secure() for web browsers, and NodeRandom for Node.js.
  • $generateSeed() delegates to secureRandom().
• generators.dart
  • Fixed spelling of _hashGenerator

Notes

• Consider adjusting $generateSeed() to request the full 2^32 range (_mask32 + 1) to cover the entire 32-bit space.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.

Files with missing lines	Coverage Δ
lib/src/random/generator_vm.dart	100.00% <100.00%> (ø)
lib/src/random/generators.dart	100.00% <100.00%> (ø)

[dipu-bd]

Thanks for the improvement. This update was long overdue, and I had neglected to make it earlier.

[dipu-bd]

FYI, to continue supporting current minimum Dart SDK (2.19), I had to do some modifications to the code. Dart v2.19 does not support js_interop. Please review the code if all is good. Thanks.