From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: New function: secure-random-bytes
Date: Fri, 24 Jun 2011 04:57:21 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87liwrh7r2.fsf@lifelogs.com>
References: <m1d3i3fz2p.fsf@gmail.com>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1308911287 12859 80.91.229.12 (24 Jun 2011 10:28:07 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Fri, 24 Jun 2011 10:28:07 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Jun 24 12:27:59 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Qa3cF-0006nn-8t
	for ged-emacs-devel@m.gmane.org; Fri, 24 Jun 2011 12:27:59 +0200
Original-Received: from localhost ([::1]:33778 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Qa3cD-0006pA-Qg
	for ged-emacs-devel@m.gmane.org; Fri, 24 Jun 2011 06:27:58 -0400
Original-Received: from eggs.gnu.org ([140.186.70.92]:33742)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Qa38u-0007Ij-8k
	for emacs-devel@gnu.org; Fri, 24 Jun 2011 05:57:41 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Qa38s-00073k-La
	for emacs-devel@gnu.org; Fri, 24 Jun 2011 05:57:40 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:38691)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Qa38s-00073T-20
	for emacs-devel@gnu.org; Fri, 24 Jun 2011 05:57:38 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1Qa38o-0001mq-N0
	for emacs-devel@gnu.org; Fri, 24 Jun 2011 11:57:34 +0200
Original-Received: from c-67-186-102-106.hsd1.il.comcast.net ([67.186.102.106])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 24 Jun 2011 11:57:34 +0200
Original-Received: from tzz by c-67-186-102-106.hsd1.il.comcast.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Fri, 24 Jun 2011 11:57:34 +0200
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 32
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-67-186-102-106.hsd1.il.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:Hv/KxvUrx+hqC0S/dqLVuaEvoVo=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: </archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:140937
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/140937>

On Fri, 24 Jun 2011 15:50:06 +0800 Leo <sdl.web@gmail.com> wrote: 

L> It seems useful to provide a way to get some cryptographically strong
L> random bytes (e.g. for uuid generation or passwords).

L> See discussion: http://thread.gmane.org/gmane.emacs.devel/138494

L> The attached preliminary patch does this. Comments are welcome. Thanks.

Do you think you could you provide three functions,
`secure-random-bytes-{urandom,gnutls,openssl}' instead of three versions
with the same name?  Then there can be a `secure-random-bytes' in
simple.el or wherever:

(secure-random-bytes) ; auto, checking with fboundp
(secure-random-bytes 'gnutls) ; try the GnuTLS version first

The nice part is that you can put `secure-random-bytes-gnutls' in
gnutls.c; make openssl.c for `secure-random-bytes-openssl' and use a
HAVE_OPENSSL ifdef; and put `secure-random-bytes-urandom' in fileio.c
inside a HAVE_URANDOM ifdef.  That will avoid making up numeric
constants for SECURE_RANDOM_TYPE in favor of more meaningful constants
and puts all the new functions in the right place.

I can imagine other uses for the OpenSSL functions, so at least the
HAVE_OPENSSL macro makes a lot of sense.

I'm not sure what the auto priority should be.  Are the GnuTLS/OpenSSL
functions better than /dev/urandom?  They are certainly slower.

Thanks
Ted