webget_ruby_secure_random 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data.tar.gz.sig +2 -0
- data/lib/webget_ruby_secure_random.rb +154 -0
- data/test/webget_ruby_secure_random_test.rb +48 -0
- metadata +78 -0
- metadata.gz.sig +0 -0
data.tar.gz.sig
ADDED
@@ -0,0 +1,154 @@
|
|
1
|
+
=begin rdoc
|
2
|
+
|
3
|
+
= WebGet Ruby Gem: secure random number generator interface for Ruby 1.86 backported from 1.8.7
|
4
|
+
|
5
|
+
Author:: Joel Parker Henderson, joelparkerhenderson@gmail.com
|
6
|
+
Copyright:: Copyright the original author; I merely made it into a gem.
|
7
|
+
License:: CreativeCommons License, Non-commercial Share Alike
|
8
|
+
License:: LGPL, GNU Lesser General Public License
|
9
|
+
|
10
|
+
This gem is intended for use with Ruby 1.8.6 only.
|
11
|
+
|
12
|
+
This gem is a backport of the built-in securerandom method from Ruby 1.8.7.
|
13
|
+
|
14
|
+
This library is an interface for secure random number generator which is
|
15
|
+
suitable for generating session key in HTTP cookies, etc.
|
16
|
+
|
17
|
+
It supports following secure random number generators.
|
18
|
+
|
19
|
+
* openssl
|
20
|
+
* /dev/urandom
|
21
|
+
|
22
|
+
Examples
|
23
|
+
SecureRandom.hex(10) => "52750b30ffbc7de3b362"
|
24
|
+
SecureRandom.hex(10) => "92b15d6c8dc4beb5f559"
|
25
|
+
SecureRandom.hex(11) => "6aca1b5c58e4863e6b81b8"
|
26
|
+
SecureRandom.hex(12) => "94b2fff3e7fd9b9c391a2306"
|
27
|
+
SecureRandom.hex(13) => "39b290146bea6ce975c37cfc23"
|
28
|
+
|
29
|
+
Examples
|
30
|
+
SecureRandom.base64(10) => "EcmTPZwWRAozdA=="
|
31
|
+
SecureRandom.base64(10) => "9b0nsevdwNuM/w=="
|
32
|
+
SecureRandom.base64(10) => "KO1nIU+p9DKxGg=="
|
33
|
+
SecureRandom.base64(11) => "l7XEiFja+8EKEtY="
|
34
|
+
SecureRandom.base64(12) => "7kJSM/MzBJI+75j8"
|
35
|
+
SecureRandom.base64(13) => "vKLJ0tXBHqQOuIcSIg=="
|
36
|
+
|
37
|
+
Examples
|
38
|
+
SecureRandom.random_bytes(10) => "\016\t{\370g\310pbr\301"
|
39
|
+
SecureRandom.random_bytes(10) => "\323U\030TO\234\357\020\a\337"
|
40
|
+
|
41
|
+
=end
|
42
|
+
|
43
|
+
|
44
|
+
begin
|
45
|
+
require 'openssl'
|
46
|
+
rescue LoadError
|
47
|
+
end
|
48
|
+
|
49
|
+
module SecureRandom
|
50
|
+
# SecureRandom.random_bytes generates a random binary string.
|
51
|
+
#
|
52
|
+
# The argument n specifies the length of the result string.
|
53
|
+
#
|
54
|
+
# If n is not specified, 16 is assumed.
|
55
|
+
# It may be larger in future.
|
56
|
+
#
|
57
|
+
# If secure random number generator is not available,
|
58
|
+
# NotImplementedError is raised.
|
59
|
+
def self.random_bytes(n=nil)
|
60
|
+
n ||= 16
|
61
|
+
if defined? OpenSSL::Random
|
62
|
+
return OpenSSL::Random.random_bytes(n)
|
63
|
+
end
|
64
|
+
if !defined?(@has_urandom) || @has_urandom
|
65
|
+
@has_urandom = false
|
66
|
+
flags = File::RDONLY
|
67
|
+
flags |= File::NONBLOCK if defined? File::NONBLOCK
|
68
|
+
flags |= File::NOCTTY if defined? File::NOCTTY
|
69
|
+
flags |= File::NOFOLLOW if defined? File::NOFOLLOW
|
70
|
+
begin
|
71
|
+
File.open("/dev/urandom", flags) {|f|
|
72
|
+
unless f.stat.chardev?
|
73
|
+
raise Errno::ENOENT
|
74
|
+
end
|
75
|
+
@has_urandom = true
|
76
|
+
ret = f.readpartial(n)
|
77
|
+
if ret.length != n
|
78
|
+
raise NotImplementedError, "Unexpected partial read from random device"
|
79
|
+
end
|
80
|
+
return ret
|
81
|
+
}
|
82
|
+
rescue Errno::ENOENT
|
83
|
+
raise NotImplementedError, "No random device"
|
84
|
+
end
|
85
|
+
end
|
86
|
+
raise NotImplementedError, "No random device"
|
87
|
+
end
|
88
|
+
|
89
|
+
# SecureRandom.hex generates a random hex string.
|
90
|
+
#
|
91
|
+
# The argument n specifies the length of the random length.
|
92
|
+
# The length of the result string is twice of n.
|
93
|
+
#
|
94
|
+
# If n is not specified, 16 is assumed.
|
95
|
+
# It may be larger in future.
|
96
|
+
#
|
97
|
+
# If secure random number generator is not available,
|
98
|
+
# NotImplementedError is raised.
|
99
|
+
def self.hex(n=nil)
|
100
|
+
random_bytes(n).unpack("H*")[0]
|
101
|
+
end
|
102
|
+
|
103
|
+
# SecureRandom.base64 generates a random base64 string.
|
104
|
+
#
|
105
|
+
# The argument n specifies the length of the random length.
|
106
|
+
# The length of the result string is about 4/3 of n.
|
107
|
+
#
|
108
|
+
# If n is not specified, 16 is assumed.
|
109
|
+
# It may be larger in future.
|
110
|
+
#
|
111
|
+
# If secure random number generator is not available,
|
112
|
+
# NotImplementedError is raised.
|
113
|
+
def self.base64(n=nil)
|
114
|
+
[random_bytes(n)].pack("m*").delete("\n")
|
115
|
+
end
|
116
|
+
|
117
|
+
# SecureRandom.random_number generates a random number.
|
118
|
+
#
|
119
|
+
# If an positive integer is given as n,
|
120
|
+
# SecureRandom.random_number returns an integer:
|
121
|
+
# 0 <= SecureRandom.random_number(n) < n.
|
122
|
+
#
|
123
|
+
# If 0 is given or an argument is not given,
|
124
|
+
# SecureRandom.random_number returns an float:
|
125
|
+
# 0.0 <= SecureRandom.random_number() < 1.0.
|
126
|
+
def self.random_number(n=0)
|
127
|
+
if 0 < n
|
128
|
+
hex = n.to_s(16)
|
129
|
+
hex = '0' + hex if (hex.length & 1) == 1
|
130
|
+
bin = [hex].pack("H*")
|
131
|
+
mask = bin[0].ord
|
132
|
+
mask |= mask >> 1
|
133
|
+
mask |= mask >> 2
|
134
|
+
mask |= mask >> 4
|
135
|
+
begin
|
136
|
+
rnd = SecureRandom.random_bytes(bin.length)
|
137
|
+
rnd[0] = (rnd[0].ord & mask).chr
|
138
|
+
end until rnd < bin
|
139
|
+
rnd.unpack("H*")[0].hex
|
140
|
+
else
|
141
|
+
# assumption: Float::MANT_DIG <= 64
|
142
|
+
i64 = SecureRandom.random_bytes(8).unpack("Q")[0]
|
143
|
+
Math.ldexp(i64 >> (64-Float::MANT_DIG), -Float::MANT_DIG)
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
end
|
148
|
+
|
149
|
+
# Added by joelparkerhenderson@gmail.com for backwards compatibility with Ruby 1.8
|
150
|
+
class Fixnum
|
151
|
+
def ord
|
152
|
+
return self
|
153
|
+
end
|
154
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'webget_ruby_secure_random'
|
3
|
+
|
4
|
+
class Testing < Test::Unit::TestCase
|
5
|
+
|
6
|
+
def test_random_bytes
|
7
|
+
n=16
|
8
|
+
20.times{
|
9
|
+
x=SecureRandom.random_bytes(16)
|
10
|
+
assert_equal(x.length,n)
|
11
|
+
}
|
12
|
+
end
|
13
|
+
|
14
|
+
def test_hex
|
15
|
+
n=16
|
16
|
+
20.times{
|
17
|
+
x=SecureRandom.hex(n)
|
18
|
+
assert_equal(x.length,2*n)
|
19
|
+
}
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_base64
|
23
|
+
n=16
|
24
|
+
20.times{
|
25
|
+
x=SecureRandom.base64(n)
|
26
|
+
assert(x.length>=n,"x length #{x.length} >= n #{n}")
|
27
|
+
assert(x.length<2*n,"x length #{x.length} < 2n #{2*n}")
|
28
|
+
}
|
29
|
+
end
|
30
|
+
|
31
|
+
def test_random_number_integer
|
32
|
+
n=16
|
33
|
+
20.times{
|
34
|
+
x=SecureRandom.random_number(n)
|
35
|
+
assert(0<=x,"0<=x")
|
36
|
+
assert(x<n,"x<n")
|
37
|
+
}
|
38
|
+
end
|
39
|
+
|
40
|
+
def test_random_number_float
|
41
|
+
20.times{
|
42
|
+
x=SecureRandom.random_number
|
43
|
+
assert(0<=x,"0<=x")
|
44
|
+
assert(x<1,"x<1")
|
45
|
+
}
|
46
|
+
end
|
47
|
+
|
48
|
+
end
|
metadata
ADDED
@@ -0,0 +1,78 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: webget_ruby_secure_random
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.2.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- WebGet
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain:
|
11
|
+
- |
|
12
|
+
-----BEGIN CERTIFICATE-----
|
13
|
+
MIIDvDCCAyWgAwIBAgIJAIlSqEkDQaZIMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD
|
14
|
+
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j
|
15
|
+
aXNjbzETMBEGA1UEChMKV2ViR2V0LmNvbTETMBEGA1UECxMKV2ViR2V0LmNvbTET
|
16
|
+
MBEGA1UEAxMKV2ViR2V0LmNvbTEgMB4GCSqGSIb3DQEJARYRd2ViZ2V0QHdlYmdl
|
17
|
+
dC5jb20wHhcNMDkwMjI2MTk0NDU4WhcNMTExMTIzMTk0NDU4WjCBmzELMAkGA1UE
|
18
|
+
BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lz
|
19
|
+
Y28xEzARBgNVBAoTCldlYkdldC5jb20xEzARBgNVBAsTCldlYkdldC5jb20xEzAR
|
20
|
+
BgNVBAMTCldlYkdldC5jb20xIDAeBgkqhkiG9w0BCQEWEXdlYmdldEB3ZWJnZXQu
|
21
|
+
Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXCFYfW6hCQl0ToNjaMIXG
|
22
|
+
ZfPF6OoR20BO/Tg6V37qPi7gDSZ6vIC6Mxcs8LtEcju85cD9lnKKl/lo4S5/w9Ha
|
23
|
+
hGD2ZFFfbF8420X5Za5G2KuriS3GzRz7F5dKCTjb1NH9TPlgOc71bcrDmCwwtFJl
|
24
|
+
T+tdfBju0YxLSBiMXf4y5QIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFHB1kXO/Xd4g
|
25
|
+
G+AJ2/wwh6JOWXzNMIHQBgNVHSMEgcgwgcWAFHB1kXO/Xd4gG+AJ2/wwh6JOWXzN
|
26
|
+
oYGhpIGeMIGbMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
|
27
|
+
A1UEBxMNU2FuIEZyYW5jaXNjbzETMBEGA1UEChMKV2ViR2V0LmNvbTETMBEGA1UE
|
28
|
+
CxMKV2ViR2V0LmNvbTETMBEGA1UEAxMKV2ViR2V0LmNvbTEgMB4GCSqGSIb3DQEJ
|
29
|
+
ARYRd2ViZ2V0QHdlYmdldC5jb22CCQCJUqhJA0GmSDAMBgNVHRMEBTADAQH/MA0G
|
30
|
+
CSqGSIb3DQEBBQUAA4GBADzVXlwuff0/w3yK4LflGKKhtC3oChIrwmSyP6tk628N
|
31
|
+
BHokpc4Kz63xSXqzYTnBS7rFBwlYThtNalQeWmoUjGh3Z0ZR0JlhU0ln8899LuJ3
|
32
|
+
DXnLFY0cVuBnNDMOOFl8vk1qIcZjcTovhzgcixpG6Uk5qmUsKHRLQf4oQJx7TfLK
|
33
|
+
-----END CERTIFICATE-----
|
34
|
+
|
35
|
+
date: 2010-02-17 00:00:00 -08:00
|
36
|
+
default_executable:
|
37
|
+
dependencies: []
|
38
|
+
|
39
|
+
description:
|
40
|
+
email: webget@webget.com
|
41
|
+
executables: []
|
42
|
+
|
43
|
+
extensions: []
|
44
|
+
|
45
|
+
extra_rdoc_files: []
|
46
|
+
|
47
|
+
files:
|
48
|
+
- lib/webget_ruby_secure_random.rb
|
49
|
+
has_rdoc: true
|
50
|
+
homepage: http://webget.com/
|
51
|
+
licenses: []
|
52
|
+
|
53
|
+
post_install_message:
|
54
|
+
rdoc_options: []
|
55
|
+
|
56
|
+
require_paths:
|
57
|
+
- lib
|
58
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
59
|
+
requirements:
|
60
|
+
- - ">="
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: "0"
|
63
|
+
version:
|
64
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: "0"
|
69
|
+
version:
|
70
|
+
requirements: []
|
71
|
+
|
72
|
+
rubyforge_project:
|
73
|
+
rubygems_version: 1.3.5
|
74
|
+
signing_key:
|
75
|
+
specification_version: 3
|
76
|
+
summary: "WebGet Ruby Gem: secure random number method for Ruby 1.8.6"
|
77
|
+
test_files:
|
78
|
+
- test/webget_ruby_secure_random_test.rb
|
metadata.gz.sig
ADDED
Binary file
|