sysrandom 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +0 -6
- data/CHANGES.md +15 -0
- data/README.md +22 -12
- data/ext/sysrandom/randombytes_sysrandom.c +37 -4
- data/lib/sysrandom/version.rb +1 -1
- data/lib/sysrandom.rb +7 -4
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 45c1dd03f5f7845b10731b29830035e09e8ccb8f
|
4
|
+
data.tar.gz: 758b5a0669875cad1a90cc6b8f3c685ab1c9002f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2546ede22a85b518248a0e81ad21bedb5a3267c2cd358500498be82b0582ded90cf28908dc8cdfab64f8b33e8567e03e525179acf3a4d184aefcc7d54790527c
|
7
|
+
data.tar.gz: 52489195938140051a78dc8e005de1c9e09eb4614a396e9206cb60acad5f7b7f39fca3ff8e8da7e87123a43cad6b77ac6237858e55934e443d8c9ea375ac9542
|
data/.rubocop.yml
CHANGED
data/CHANGES.md
CHANGED
@@ -1,3 +1,18 @@
|
|
1
|
+
## 1.0.1 (2016-05-29)
|
2
|
+
|
3
|
+
* [#11](https://github.com/cryptosphere/sysrandom/pull/11)
|
4
|
+
Use NativePRNGNonBlocking for JRuby if available.
|
5
|
+
([@coda])
|
6
|
+
|
7
|
+
* [#8](https://github.com/cryptosphere/sysrandom/pull/8)
|
8
|
+
Upstream libsodium change: wait for `/dev/random` to be seeded before reading from `/dev/urandom`.
|
9
|
+
([@tarcieri])
|
10
|
+
|
11
|
+
|
1
12
|
## 1.0.0 (2016-05-28)
|
2
13
|
|
3
14
|
* Initial release.
|
15
|
+
|
16
|
+
|
17
|
+
[@tarcieri]: https://github.com/tarcieri
|
18
|
+
[@coda]: https://github.com/coda
|
data/README.md
CHANGED
@@ -6,10 +6,19 @@
|
|
6
6
|
|
7
7
|
Secure random number generation for Ruby using system RNG facilities e.g. `/dev/urandom`, `getrandom(2)`
|
8
8
|
|
9
|
-
##
|
9
|
+
## Why?
|
10
|
+
|
11
|
+
System/OS-level random number generators like `/dev/urandom` and `getrandom(2)`
|
12
|
+
provide the best option for generating cryptographically secure random numbers.
|
13
|
+
|
14
|
+
Ruby's built-in SecureRandom does not provide this, but instead uses OpenSSL's
|
15
|
+
userspace RNG. This has been a [source of vulnerabilities][emboss] in Ruby, and
|
16
|
+
an [open Ruby bug ticket][bug] contains much discussion on the issue with no
|
17
|
+
clear path to resolution.
|
10
18
|
|
11
|
-
|
12
|
-
|
19
|
+
This gem aims to solve the problem.
|
20
|
+
|
21
|
+
## Description
|
13
22
|
|
14
23
|
In cryptography circles, [the prevailing advice is to use OS RNG functionality][/dev/urandom],
|
15
24
|
namely `/dev/urandom` or equivalent calls which use an OS-level CSPRNG to
|
@@ -22,21 +31,22 @@ cryptographic keys, initialization vectors, or nonces.
|
|
22
31
|
|
23
32
|
The following random number generators are utilized:
|
24
33
|
|
25
|
-
|
|
26
|
-
|
27
|
-
| Linux
|
28
|
-
| Windows
|
29
|
-
| OpenBSD
|
30
|
-
| JRuby
|
31
|
-
| Others
|
34
|
+
| Platform | RNG |
|
35
|
+
|----------|--------------------------------------------------------|
|
36
|
+
| Linux | [getrandom(2)] if available, otherwise [/dev/urandom] |
|
37
|
+
| Windows | [RtlGenRandom] CryptGenRandom without CryptoAPI deps |
|
38
|
+
| OpenBSD | [arc4random(3)] with ChaCha20 CSPRNG (not RC4) |
|
39
|
+
| JRuby | [NativePRNGNonBlocking] on Java 8, otherwise SHA1PRNG |
|
40
|
+
| Others | [/dev/urandom] |
|
32
41
|
|
33
|
-
[
|
42
|
+
[emboss]: https://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/
|
43
|
+
[bug]: https://bugs.ruby-lang.org/issues/9569
|
34
44
|
[libsodium]: https://github.com/jedisct1/libsodium
|
35
45
|
[getrandom(2)]: http://man7.org/linux/man-pages/man2/getrandom.2.html
|
36
46
|
[/dev/urandom]: http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
|
37
47
|
[RtlGenRandom]: https://msdn.microsoft.com/en-us/library/windows/desktop/aa387694(v=vs.85).aspx
|
38
48
|
[arc4random(3)]: http://man.openbsd.org/arc4random.3
|
39
|
-
[
|
49
|
+
[NativePRNGNonBlocking]: https://tersesystems.com/2015/12/17/the-right-way-to-use-securerandom/
|
40
50
|
|
41
51
|
## Supported Platforms
|
42
52
|
|
@@ -1,5 +1,5 @@
|
|
1
1
|
/*
|
2
|
-
*
|
2
|
+
* randombytes_sysrandom.c: adapted from libsodium
|
3
3
|
* Copyright (c) 2013-2016 Frank Denis <j at pureftpd dot org>
|
4
4
|
* https://github.com/jedisct1/libsodium
|
5
5
|
*/
|
@@ -12,6 +12,7 @@
|
|
12
12
|
#endif
|
13
13
|
#ifdef __linux__
|
14
14
|
# include <sys/syscall.h>
|
15
|
+
# include <poll.h>
|
15
16
|
#endif
|
16
17
|
|
17
18
|
#include <assert.h>
|
@@ -102,6 +103,33 @@ safe_read(const int fd, void * const buf_, size_t size)
|
|
102
103
|
#endif
|
103
104
|
|
104
105
|
#ifndef _WIN32
|
106
|
+
# if defined(__linux__) && !defined(USE_BLOCKING_RANDOM)
|
107
|
+
static int
|
108
|
+
randombytes_block_on_dev_random(void)
|
109
|
+
{
|
110
|
+
struct pollfd pfd;
|
111
|
+
int fd;
|
112
|
+
int pret;
|
113
|
+
|
114
|
+
fd = open("/dev/random", O_RDONLY);
|
115
|
+
if (fd == -1) {
|
116
|
+
return 0;
|
117
|
+
}
|
118
|
+
pfd.fd = fd;
|
119
|
+
pfd.events = POLLIN;
|
120
|
+
pfd.revents = 0;
|
121
|
+
do {
|
122
|
+
pret = poll(&pfd, 1, -1);
|
123
|
+
} while (pret < 0 && (errno == EINTR || errno == EAGAIN));
|
124
|
+
if (pret != 1) {
|
125
|
+
(void) close(fd);
|
126
|
+
errno = EIO;
|
127
|
+
return -1;
|
128
|
+
}
|
129
|
+
return close(fd);
|
130
|
+
}
|
131
|
+
# endif
|
132
|
+
|
105
133
|
static int
|
106
134
|
__randombytes_sysrandom_random_dev_open(void)
|
107
135
|
{
|
@@ -116,6 +144,11 @@ __randombytes_sysrandom_random_dev_open(void)
|
|
116
144
|
const char ** device = devices;
|
117
145
|
int fd;
|
118
146
|
|
147
|
+
# if defined(__linux__) && !defined(USE_BLOCKING_RANDOM)
|
148
|
+
if (randombytes_block_on_dev_random() != 0) {
|
149
|
+
return -1;
|
150
|
+
}
|
151
|
+
# endif
|
119
152
|
do {
|
120
153
|
fd = open(*device, O_RDONLY);
|
121
154
|
if (fd != -1) {
|
@@ -145,7 +178,7 @@ __randombytes_sysrandom_random_dev_open(void)
|
|
145
178
|
/* LCOV_EXCL_STOP */
|
146
179
|
}
|
147
180
|
|
148
|
-
#
|
181
|
+
# if defined(SYS_getrandom) && defined(__NR_getrandom)
|
149
182
|
static int
|
150
183
|
_randombytes_linux_getrandom(void * const buf, const size_t size)
|
151
184
|
{
|
@@ -186,7 +219,7 @@ __randombytes_sysrandom_init(void)
|
|
186
219
|
{
|
187
220
|
const int errno_save = errno;
|
188
221
|
|
189
|
-
#
|
222
|
+
# if defined(SYS_getrandom) && defined(__NR_getrandom)
|
190
223
|
{
|
191
224
|
unsigned char fodder[16];
|
192
225
|
|
@@ -240,7 +273,7 @@ __randombytes_sysrandom_buf(void * const buf, const size_t size)
|
|
240
273
|
assert(size <= ULONG_LONG_MAX);
|
241
274
|
#endif
|
242
275
|
#ifndef _WIN32
|
243
|
-
#
|
276
|
+
# if defined(SYS_getrandom) && defined(__NR_getrandom)
|
244
277
|
if (stream.getrandom_available != 0) {
|
245
278
|
if (randombytes_linux_getrandom(buf, size) != 0) {
|
246
279
|
abort();
|
data/lib/sysrandom/version.rb
CHANGED
data/lib/sysrandom.rb
CHANGED
@@ -12,10 +12,13 @@ module Sysrandom
|
|
12
12
|
if defined?(JRUBY_VERSION)
|
13
13
|
require "java"
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
15
|
+
begin
|
16
|
+
# Try to use the new NativePRNGNonBlocking algorithm introduced in Java 8.
|
17
|
+
@_java_secure_random = java.security.SecureRandom.getInstance("NativePRNGNonBlocking")
|
18
|
+
rescue
|
19
|
+
# If unavailable, fall back to the default configuration. This will
|
20
|
+
# probably be SHA1PRNG, but it depends on the JRE's configuration.
|
21
|
+
@_java_secure_random = java.security.SecureRandom.new
|
19
22
|
end
|
20
23
|
|
21
24
|
# Random uint32, used by random_number. The C extension provides an equivalent method
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sysrandom
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tony Arcieri
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-05-
|
11
|
+
date: 2016-05-30 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Sysrandom generates secure random numbers using /dev/urandom, getrandom(),
|
14
14
|
etc
|