use_urandom 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fb0f96584360eb42b51d25fa9fbe109a0bda441c
4
- data.tar.gz: 7b4ab244cd02b8327266a7eccb2ab54cec589d99
3
+ metadata.gz: b43c4f499467f86061edcf8d3e037cdace0602f2
4
+ data.tar.gz: 5ce99576a00ed9acff19932dee27a9ef32fc1f83
5
5
  SHA512:
6
- metadata.gz: 5ab9b49e1aeb578344673ef89a95743ac4063277f46fa6c1ebf7a0b4bd8a0c396bf55c222810bd89081fd73c170bd47f9ce0326f5dc7f370c15c8a9b27a6a687
7
- data.tar.gz: 71631400b6a866670909e7e22f937776c1c533d01af7b9789be05966172d15e5b897fbe9ec99d3c3199e22ced36aa71d985489343d621a39c2a8a30f26317282
6
+ metadata.gz: ddc300a28ef2c8f909caf1704a6216ecf9084afba3e1157b90078c47e3b0e4cda33d1dea43cb20cc94605fd9d38df41988d00d7d279b6757da6d9f29b22d70a4
7
+ data.tar.gz: 833ca09b336e4c1f0bfd2089b9dfddca7bdbb23377a1e87574a28c0d1277580f8803632b58ac5652503a1a46be1c2df39a0d754d7f2d4ed733fc9e76e2f0758e
data/README.md CHANGED
@@ -1,33 +1,30 @@
1
1
  # UseUrandom
2
-
2
+ Turns out, Ruby's SecureRandom makes some poor design decisions.
3
3
  This gem monkey patches SecureRandom to use /dev/urandom.
4
4
 
5
- ## Installation
6
-
7
- Add this line to your application's Gemfile:
8
-
9
- ```ruby
10
- gem 'use_urandom'
11
- ```
12
-
13
- And then execute:
14
-
15
- $ bundle
16
-
17
- Or install it yourself as:
18
-
19
- $ gem install use_urandom
5
+ ## FAQ
6
+ ### Why write this and what is wrong with SecureRandom?
7
+ There are a lot of material involved in answering this, but the best starting point is [this HN thread, from which this gem was inspired](https://news.ycombinator.com/item?id=11624890)
8
+ ### What about Random.raw_seed?
9
+ The purpose of this gem, as per the name, is to use /dev/urandom. That function takes several code paths, one possibility of which, is reading /dev/urandom. raw_seed() meanwhile, is written in C, and packed with #define's that control flow. I don't intend on auditing it line by line, and the fact this gem is necessary reduces needed limits my confidence in it.
10
+ ### But my server will run out of entropy!
11
+ If you truly believe that, don't use this gem. Definitely don't open an issue demonstrating ignorance.
20
12
 
21
13
  ## Usage
22
14
 
23
15
  This gem is in the super pre-alpha stage and shouldn't be used.
16
+ Just require it in your application:
17
+
18
+ ```ruby
19
+ require 'use_urandom'
20
+ ```
24
21
 
22
+ Any calls to SecureRandom will automatically get redirected to a read on /dev/urandom. Any failures get pushed back to the original code, with a warning raised.
25
23
 
26
24
  ## Contributing
27
25
 
28
26
  Bug reports and pull requests are welcome on GitHub at https://github.com/technion/use_urandom.
29
27
 
30
-
31
28
  ## License
32
29
 
33
30
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
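Review bot: The Usage section now contradicts itself: the unchanged line "This gem is in the super pre-alpha stage and shouldn't be used." is immediately followed by the added "Just require it in your application:". Either drop the pre-alpha warning or state which one applies to 0.2.0. The Installation section is removed without a replacement, so the README no longer says how to get the gem into a Gemfile. In the raw_seed answer, "reduces needed limits my confidence in it" looks like two drafts merged and should be a single verb. In the last added paragraph, "with a warning raised" reads as if an exception is raised, while the library change in this same diff calls `warn` and then falls back; wording like "a warning is printed" would match the code.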
@@ -1,14 +1,19 @@
1
1
  require "use_urandom/version"
2
2
 
3
3
  module SecureRandom
4
+ # A constant for the file path used
5
+
6
+ URANDOM = "/dev/urandom"
7
+ # Hooks SecureRandom's self.gen_random
4
8
  class << self
5
9
  alias_method :original_gen_random, :gen_random
6
10
 
7
11
  def gen_random(n)
8
12
  begin
9
- UseUrandom::urandom(n)
13
+ UseUrandom.urandom(n)
10
14
  rescue
11
- warn "Using original"
15
+ # Fallback code - UseRandom raises exceptions on any problem
16
+ warn "Using original SecureRandom"
12
17
  original_gen_random(n)
13
18
  end
14
19
  end
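Review bot: The bare `rescue` in `gen_random` turns every failure of `UseUrandom.urandom`, including the "Invalid urandom file" sanity check, into a one-line `warn "Using original SecureRandom"` followed by the original code path, so the caller never learns why the device was rejected. Consider `rescue => e` and including `e.message` in the warning, and decide whether a failed ownership or device check should really fall back rather than abort. The new comment says "UseRandom raises exceptions" where the module is `UseUrandom`. `URANDOM` is now defined inside the standard library's `SecureRandom` module rather than in `UseUrandom`, and a blank line separates it from its comment; keeping the constant in the gem's own namespace avoids adding names to a stdlib module.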
@@ -16,13 +21,15 @@ module SecureRandom
16
21
  end
17
22
 
18
23
  module UseUrandom
19
- URANDOM = "/dev/urandom"
20
24
 
25
+ # Reads 'n' bytes from URANDOm
21
26
  def self.urandom(n)
22
- device = ($urandom_file_test.nil?) ? URANDOM : $urandom_file_test
23
- fh = File.open device, 'rb'
24
- raise "Invalid urandom file" unless (fh.stat.uid == 0 && fh.stat.gid == 0)
27
+ # Facilitates testing
28
+ fh = File.open SecureRandom::URANDOM, 'rb'
29
+ # Sanity test - owned by root
30
+ raise "Invalid urandom file" unless (fh.stat.uid == 0 && fh.stat.chardev?)
25
31
  data = fh.read(n)
32
+ fh.close
26
33
  raise "Not enough data read" unless data.size == n
27
34
  data
28
35
  end
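Review bot: The added `fh.close` only runs on the success path: if the sanity check raises "Invalid urandom file", or `fh.read(n)` raises, the handle stays open until garbage collection. Use the block form of `File.open`, or put the close in an `ensure`. The comment "# Facilitates testing" now sits above a plain `File.open SecureRandom::URANDOM, 'rb'` and no longer describes anything, since the `$urandom_file_test` override was removed. "# Sanity test - owned by root" covers only half of the new condition: the check changed from `uid == 0 && gid == 0` to `uid == 0 && fh.stat.chardev?`, so the gid test is dropped without explanation, and the comment should mention the character-device requirement. "URANDOm" in the method comment is a typo.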
@@ -1,3 +1,3 @@
1
1
  module UseUrandom
2
- VERSION = "0.1.0"
2
+ VERSION = "0.2.0"
3
3
  end
@@ -22,4 +22,5 @@ Gem::Specification.new do |spec|
22
22
  spec.add_development_dependency "bundler", "~> 1.11"
23
23
  spec.add_development_dependency "rake", "~> 10.0"
24
24
  spec.add_development_dependency "minitest", "~> 5.0"
25
+ spec.add_development_dependency "minitest-stub-const" , "~> 0.5"
25
26
  end
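Review bot: Style nit on the added dependency line: there is a stray space before the comma in `"minitest-stub-const" , "~> 0.5"`, which does not match the three `add_development_dependency` lines above it.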
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: use_urandom
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Technion
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-05-04 00:00:00.000000000 Z
11
+ date: 2016-05-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -52,6 +52,20 @@ dependencies:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: '5.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: minitest-stub-const
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '0.5'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '0.5'
55
69
  description: Prefer urandom to OpenSSL
56
70
  email:
57
71
  - technion@lolware.net