Automatically migrated from Gitolite
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Sven Slootweg 5899a8e06f This isn't CoffeeScript... 8 years ago
lib Fix incorrect output issue with large numbers (and add a changelog). Closes #1. 8 years ago
src Fix incorrect output issue with large numbers (and add a changelog). Closes #1. 8 years ago
.gitignore Ignore NPM debug logs 8 years ago Fix incorrect output issue with large numbers (and add a changelog). Closes #1. 8 years ago
gulpfile.js This isn't CoffeeScript... 8 years ago
index.js Initial release 8 years ago
package.json 1.0.2 8 years ago
test-distribution.js Initial release 8 years ago


A CommonJS module for generating cryptographically secure pseudo-random numbers.

Works in Node.js, and should work in the browser as well, using Webpack or Browserify.

This module is based on code originally written by Scott Arciszewski, released under the WTFPL / CC0 / ZAP.


WTFPL or CC0, whichever you prefer. A donation and/or attribution are appreciated, but not required.


My income consists largely of donations for my projects. If this module is useful to you, consider making a donation!

You can donate using Bitcoin, PayPal, Flattr, cash-in-mail, SEPA transfers, and pretty much anything else.


Pull requests welcome. Please make sure your modifications are in line with the overall code style, and ensure that you're editing the files in src/, not those in lib/.

Build tool of choice is gulp; simply run gulp while developing, and it will watch for changes.

Be aware that by making a pull request, you agree to release your modifications under the licenses stated above.


This module will return the result asynchronously - this is necessary to avoid blocking your entire application while generating a number.

An example:

var Promise = require("bluebird");
var randomNumber = require("random-number-csprng");

Promise.try(function() {
	return randomNumber(10, 30);
}).then(function(number) {
	console.log("Your random number:", number);
}).catch({code: "RandomGenerationError"}, function(err) {
	console.log("Something went wrong!");


randomNumber(minimum, maximum, [cb])

Returns a Promise that resolves to a random number within the specified range.

Note that the range is inclusive, and both numbers must be integer values. It is not possible to securely generate a random value for floating point numbers, so if you are working with fractional numbers (eg. 1.24), you will have to decide on a fixed 'precision' and turn them into integer values (eg. 124).

  • minimum: The lowest possible value in the range.
  • maximum: The highest possible value in the range. Inclusive.

Optionally also accepts a nodeback as cb, but seriously, you should be using Promises.


Any errors that occur during the random number generation process will be of this type. The error object will also have a code property, set to the string "RandomGenerationError".

The error message will provide more information, but this kind of error will generally mean that the arguments you've specified are somehow invalid.


  • 1.0.2 (March 8, 2016): Security release! Patched handling of large numbers; input values are now checked for MIN_SAFE_INTEGER and MAX_SAFE_INTEGER, and the correct bitwise operator is used (>>> rather than >>).
  • 1.0.1 (March 8, 2016): Unimportant file cleanup.
  • 1.0.0 (March 8, 2016): Initial release.