ruby.git/lib/securerandom.rb, branch v2_5_8 The Ruby Programming Language merge revision(s) 5bab1304af25a843728dbcd2f3594913740aecb0: [Backport #15847] 2019-08-26T15:13:49+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-08-26T15:13:49+00:00 7cdacb99ad17c859dc701843bd37d49412305716 fix visibility of SecureRandom.gen_random Aliasing a method preserves its visibility. These aliases turn formerly-public methods into private. Should make them public again. [Bug #15847] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67762 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	fix visibility of SecureRandom.gen_random

	Aliasing a method preserves its visibility.  These aliases turn
	formerly-public methods into private.  Should make them public
	again.  [Bug #15847]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67762 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
securerandom.rb: fix an example of choose [ci skip] 2017-10-25T07:28:22+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-10-25T07:28:22+00:00 7ed3aae2feb91c584c5402dd6f63c145acd1f033 * lib/securerandom.rb (Random::Formatter#choose): [DOC] fix an example, `n` is not optional. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60420 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/securerandom.rb (Random::Formatter#choose): [DOC] fix an
  example, `n` is not optional.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60420 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
less random generations in Random::Formatter#choose. 2017-10-21T16:12:46+00:00 akr akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-10-21T16:12:46+00:00 6cba29b4220cc0277f209af9d172f4ec1ddb5f0e git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SecureRandom.alphanumeric implemented. 2017-10-21T15:21:26+00:00 akr akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-10-21T15:21:26+00:00 b867882a1c2a358bb7a46f84365c86a959d35240 [ruby-core:68098] [Feature #10849] proposed by Andrew Butterfield. SecureRandom.choose and SecureRandom.graph is not included. (The implementation has SecureRandom.choose but it is private.) I feel the method name, SecureRandom.choose, doesn't represent the behavior well. The actual use cases of SecureRandom.graph is not obvious. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60297 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[ruby-core:68098] [Feature #10849] proposed by Andrew Butterfield.

SecureRandom.choose and SecureRandom.graph is not included.
(The implementation has SecureRandom.choose but it is private.)

I feel the method name, SecureRandom.choose, doesn't represent
the behavior well.

The actual use cases of SecureRandom.graph is not obvious.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60297 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/securerandom.rb: test one byte to determine urandom or openssl 2017-09-11T12:44:51+00:00 mame mame@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-11T12:44:51+00:00 3b08df649e2337594f398e7f47b7baea8188ed96 `SecureRandom#gen_random` determines whether urandom is available or not by trying `Random.urandom(n)`. But, when n = 0, `Random.urandom(0)` always succeeds even if urandom is not available, which leads to a wrong decision. When failed, `Random.urandom` returns nil instead of returning a shorter string than required. So the check for `ret.length != n` is not needed. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59840 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
`SecureRandom#gen_random` determines whether urandom is available or not
by trying `Random.urandom(n)`.  But, when n = 0, `Random.urandom(0)`
always succeeds even if urandom is not available, which leads to a wrong
decision.

When failed, `Random.urandom` returns nil instead of returning a shorter
string than required.  So the check for `ret.length != n` is not needed.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59840 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Remove commented out code of SecureRandom.random_number. 2017-09-11T06:11:37+00:00 hsbt hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-11T06:11:37+00:00 f7b3d2be571a634d13f742f411219685d08900d6 [Misc #13870][ruby-core:82654] Patch by @aycabta. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59835 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  [Misc #13870][ruby-core:82654] Patch by @aycabta.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59835 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
securerandom: fix up r57384 2017-02-24T11:33:06+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-02-24T11:33:06+00:00 a0acd82f2af3278bcdba3df33a13e4604d5d68fc SecureRandom.gen_random_openssl still refers to Random.raw_seed, which is renamed to Random.urandom by r57384. [Bug #9569] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57707 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
SecureRandom.gen_random_openssl still refers to Random.raw_seed, which
is renamed to Random.urandom by r57384.  [Bug #9569]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57707 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SecureRandom should try /dev/urandom first [Bug #9569] 2017-01-20T08:00:00+00:00 shyouhei shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-01-20T08:00:00+00:00 abae70d6ed63054d7d01bd6cd80c1b5b98b93ba3 * random.c (InitVM_Random): rename Random.raw_seed to Random.urandom. A quick search seems there are no practical use of this method than securerandom.rb so I think it's OK to rename but if there are users of it, this hunk is subject to revert. * test/ruby/test_rand.rb (TestRand#test_urandom): test for it. * lib/securerandom.rb (SecureRandom.gen_random): Prefer OS- provided CSPRNG if available. Otherwise falls back to OpenSSL. Current preference is: 1. CSPRNG routine that the OS has; one of - getrandom(2), - arc4random(3), or - CryptGenRandom() 2. /dev/urandom device 3. OpenSSL's RAND_bytes(3) If none of above random number generators are available, you cannot use this module. An exception is raised that case. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57384 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* random.c (InitVM_Random): rename Random.raw_seed to
	  Random.urandom.  A quick search seems there are no practical use
	  of this method than securerandom.rb so I think it's OK to rename
	  but if there are users of it, this hunk is subject to revert.

	* test/ruby/test_rand.rb (TestRand#test_urandom): test for it.

	* lib/securerandom.rb (SecureRandom.gen_random): Prefer OS-
	  provided CSPRNG if available. Otherwise falls back to OpenSSL.
	  Current preference is:

	  1. CSPRNG routine that the OS has; one of
	     - getrandom(2),
	     - arc4random(3), or
	     - CryptGenRandom()
	  2. /dev/urandom device
	  3. OpenSSL's RAND_bytes(3)

	  If none of above random number generators are available, you
	  cannot use this module.  An exception is raised that case.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57384 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
random.c: use bytes 2016-05-10T05:57:11+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-10T05:57:11+00:00 b402cc71616169bab03fb856e73a7d6519330ca3 * random.c (obj_random_bytes): base on bytes method instead of rand method, not to call toplevel rand method. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* random.c (obj_random_bytes): base on bytes method instead of
  rand method, not to call toplevel rand method.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/securerandom.rb (gen_random): to avoid blocking on Windows. 2016-03-17T06:01:11+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-17T06:01:11+00:00 6545327e24c0efc7bb0cb32cd2043d79ea365790 On Windows OpenSSL RAND_bytes (underlying implementation is RAND_poll in crypto/rand/rand_win.c) may be blocked at NetStatisticsGet. https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues Instead of this, use Random.raw_seed directory (whose implementation CryptGenRandom is one of the source of entropy of RAND_poll on Windows). https://wiki.openssl.org/index.php/Random_Numbers Note: CryptGenRandom function is PRNG and doesn't check its entropy, so it won't block. [Bug #12139] https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx https://tools.ietf.org/html/rfc4086#section-7.1.3 https://eprint.iacr.org/2007/419.pdf http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54144 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  On Windows OpenSSL RAND_bytes (underlying implementation is
  RAND_poll in crypto/rand/rand_win.c) may be blocked at
  NetStatisticsGet.
  https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues
  Instead of this, use Random.raw_seed directory (whose implementation
  CryptGenRandom is one of the source of
  entropy of RAND_poll on Windows).
  https://wiki.openssl.org/index.php/Random_Numbers
  Note: CryptGenRandom function is PRNG and doesn't check its entropy,
  so it won't block. [Bug #12139]
  https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx
  https://tools.ietf.org/html/rfc4086#section-7.1.3
  https://eprint.iacr.org/2007/419.pdf
  http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54144 b2dd03c8-39d4-4d8f-98ff-823fe69b080e