From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Leo Newsgroups: gmane.emacs.devel Subject: New function: secure-random-bytes Date: Fri, 24 Jun 2011 15:50:06 +0800 Message-ID: NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: dough.gmane.org 1308902080 24860 80.91.229.12 (24 Jun 2011 07:54:40 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 24 Jun 2011 07:54:40 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Jun 24 09:54:33 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Qa1Dg-0006pS-Sb for ged-emacs-devel@m.gmane.org; Fri, 24 Jun 2011 09:54:29 +0200 Original-Received: from localhost ([::1]:41274 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Qa1Df-0002Aw-VB for ged-emacs-devel@m.gmane.org; Fri, 24 Jun 2011 03:54:28 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:48821) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Qa19s-0001VD-QV for emacs-devel@gnu.org; Fri, 24 Jun 2011 03:50:34 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Qa19q-0005Z9-LW for emacs-devel@gnu.org; Fri, 24 Jun 2011 03:50:32 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:56102) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Qa19q-0005Yu-5W for emacs-devel@gnu.org; Fri, 24 Jun 2011 03:50:30 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1Qa19o-0004go-4x for emacs-devel@gnu.org; Fri, 24 Jun 2011 09:50:28 +0200 Original-Received: from 123.114.53.11 ([123.114.53.11]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 24 Jun 2011 09:50:28 +0200 Original-Received: from sdl.web by 123.114.53.11 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 24 Jun 2011 09:50:28 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 190 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 123.114.53.11 Face: iVBORw0KGgoAAAANSUhEUgAAACgAAAAoBAMAAAB+0KVeAAAAMFBMVEUaFRZLMy1dTENxVzKQ WiCrXQ97cmO/dSqSh3akjGTApXy5sJ7Sxo/Sz8Xo6eP9//xJbkruAAAAAWJLR0QAiAUdSAAAAAlw SFlzAAACxQAAAsUBidZ/7wAAAAd0SU1FB9cBBwMJOwHXewoAAAIBSURBVCjPVdNBiNNAFADQ6J4F x3hThHZBBC+WCFI8SS0iezRDcMHLHkLAg6gJH/fgYQ9xYlj2sLK4KHgqCgXFhda2Idmr4kkQPZQ0 nkQMbTypbMmMM2m7ZgYSmMef/5OZPwo7HFnx3uKPcmj0Dht1LWZJ+Hvr7dIFZXRUwl9VRTuuKDJ+ U44gjscknK4hhJaCkYRsWjmBtLqXlJAG2wipNe18OZJu1BBq1E8xafl4s6Jq2mUZGftU1y7CCxnp FVUDWJXx4C66BKBnErbuoaYNtoRTu6EZBsCbMn7W+5qOAR6WvxNOby9jHWC9hAf3n304CdiAByXs 3Nh9roLDkyb/sWV712vYwaLSAn8CPMHIAAzOPDKP2COAFm4Y4ODVWc6xG7KXsN7UeUJjjimx2uwd gCgNhr0i8C/xyCD5CiCKAMY3Bf5oDzx//w/fimscdcAZU2jv9sedx6+nYPPFIoWI/GK6QZ+EFGOR ErAjCnV3vPZ7XqlTIMbOLY7fLcvvmT7rXNWaGDexIY44N12TG2PDp7vqyl57dnCeuWwyNpnEURxk fTbDYeBnKRn4oejPYI4sH6WviBumEZ/GxX4X/x6EcURFZ7E071bjQGAxpcOAEOJuTiroDEea5Szv rVWLYfl7ZiQwSUToxrkux7OLixAWGz22+HIyWTRYcVfomOwvzusfjtVIGgLHf3MAAAAASUVORK5C YII= User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3.50 (Mac OS X 10.6.7) Cancel-Lock: sha1:IHYffos1ZZr9+7t3s5S920QRI6U= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 80.91.229.12 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:140936 Archived-At: --=-=-= Content-Type: text/plain Hello, It seems useful to provide a way to get some cryptographically strong random bytes (e.g. for uuid generation or passwords). See discussion: http://thread.gmane.org/gmane.emacs.devel/138494 The attached preliminary patch does this. Comments are welcome. Thanks. Leo --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=srb.diff Content-Description: srb.diff === modified file 'configure.in' --- configure.in 2011-06-21 17:10:10 +0000 +++ configure.in 2011-06-24 07:30:10 +0000 @@ -174,6 +174,7 @@ OPTION_DEFAULT_ON([gconf],[don't compile with GConf support]) OPTION_DEFAULT_ON([selinux],[don't compile with SELinux support]) OPTION_DEFAULT_ON([gnutls],[don't use -lgnutls for SSL/TLS support]) +OPTION_DEFAULT_ON([secure-random],[don't compile secure-random support]) ## For the times when you want to build Emacs but don't have ## a suitable makeinfo, and can live without the manuals. @@ -1999,6 +2000,32 @@ AC_SUBST(LIBGNUTLS_LIBS) AC_SUBST(LIBGNUTLS_CFLAGS) +case $with_secure_random in + urandom | yes) AC_CHECK_FILE("/dev/urandom", HAVE_RANDOMDEV=yes, HAVE_RANDOMDEV=no) + if test "${HAVE_RANDOMDEV}" = "no"; then + AC_DEFINE(SECURE_RANDOM_TYPE, 1, [Set 1 if /dev/urandom exists.]) + AC_DEFINE(RANDOMDEV, "/dev/urandom", [Define if /dev/urandom exists]) + fi + ;; + gnutls) if test -z "$HAVE_GNUTLS"; then + PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.6.0], HAVE_GNUTLS=yes, HAVE_GNUTLS=no) + fi + if test "$HAVE_GNUTLS" = yes; then + AC_DEFINE(SECURE_RANDOM_TYPE, 2, [Set to 2 if using GnuTLS.]) + fi + ;; + openssl) PKG_CHECK_MODULES([LIBOPENSSL], [openssl >= 0.9.8], HAVE_OPENSSL=yes, HAVE_OPENSSL=no) + if test "$HAVE_OPENSSL" = "yes"; then + AC_DEFINE(SECURE_RANDOM_TYPE, 3, [Set to 3 if using OpenSSL.]) + fi + CFLAGS="$CFLAGS $LIBOPENSSL_CFLAGS" + LIBS="$LIBOPENSSL_LIBS $LIBS" + ;; +esac + +AC_SUBST(LIBOPENSSL_LIBS) +AC_SUBST(LIBOPENSSL_CFLAGS) + dnl Do not put whitespace before the #include statements below. dnl Older compilers (eg sunos4 cc) choke on it. HAVE_XAW3D=no === modified file 'src/Makefile.in' --- src/Makefile.in 2011-05-21 02:04:48 +0000 +++ src/Makefile.in 2011-06-24 06:28:33 +0000 @@ -269,6 +269,9 @@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ +LIBOPENSSL_LIBS = @LIBOPENSSL_LIBS@ +LIBOPENSSL_CFLAGS = @LIBOPENSSL_CFLAGS@ + INTERVALS_H = dispextern.h intervals.h composite.h GETLOADAVG_LIBS = @GETLOADAVG_LIBS@ @@ -307,7 +310,7 @@ $(LIBXML2_CFLAGS) $(DBUS_CFLAGS) \ $(GCONF_CFLAGS) $(FREETYPE_CFLAGS) $(FONTCONFIG_CFLAGS) \ $(LIBOTF_CFLAGS) $(M17N_FLT_CFLAGS) $(DEPFLAGS) $(PROFILING_CFLAGS) \ - $(LIBGNUTLS_CFLAGS) \ + $(LIBGNUTLS_CFLAGS) $(LIBOPENSSL_CFLAGS) \ $(C_WARNINGS_SWITCH) $(CFLAGS) ALL_OBJC_CFLAGS=$(ALL_CFLAGS) $(GNU_OBJC_CFLAGS) @@ -383,7 +386,7 @@ $(LIBXML2_LIBS) $(LIBGPM) $(LIBRESOLV) $(LIBS_SYSTEM) \ $(LIBS_TERMCAP) $(GETLOADAVG_LIBS) $(GCONF_LIBS) $(LIBSELINUX_LIBS) \ $(FREETYPE_LIBS) $(FONTCONFIG_LIBS) $(LIBOTF_LIBS) $(M17N_FLT_LIBS) \ - $(LIBGNUTLS_LIBS) \ + $(LIBGNUTLS_LIBS) $(LIBOPENSSL_LIBS) \ $(LIB_GCC) $(LIB_MATH) $(LIB_STANDARD) $(LIB_GCC) all: emacs$(EXEEXT) $(OTHER_FILES) === modified file 'src/fileio.c' --- src/fileio.c 2011-06-19 19:06:16 +0000 +++ src/fileio.c 2011-06-24 07:23:58 +0000 @@ -5420,7 +5420,76 @@ args[6] = predicate; RETURN_UNGCPRO (Ffuncall (7, args)); } + +#if SECURE_RANDOM_TYPE==1 + +DEFUN ("secure-random-bytes", Fsecure_random_bytes, Ssecure_random_bytes, 1, 1, 0, + doc: /* Return N cryptographically strong pseudo-random bytes. */) + (Lisp_Object n) +{ + register int nbytes; + int fd; + Lisp_Object val; + struct stat st; + + CHECK_NATNUM (n); + + /* Return empty string for 0 bytes */ + if (XFASTINT(n) == 0) + return build_string (""); + + if ((stat (RANDOMDEV, &st) < 0) +#ifdef S_ISCHR + || (!S_ISCHR (st.st_mode)) +#endif + ) + error ("Secure random device does not exist"); + + val = make_uninit_string (XFASTINT (n)); + + fd = emacs_open (RANDOMDEV, O_RDONLY | O_NONBLOCK, 0); + nbytes = emacs_read (fd, SDATA (val), XFASTINT (n)); + emacs_close (fd); + if (nbytes < XFASTINT (n)) + error ("IO error reading secure random device"); + + return val; +} + +#elif SECURE_RANDOM_TYPE==2 || SECURE_RANDOM_TYPE==3 + +#ifdef SECURE_RANDOM_TYPE==2 +#include +#include +#else +#include +#endif + +DEFUN ("secure-random-bytes", Fsecure_random_bytes, Ssecure_random_bytes, 1, 1, 0, + doc: /* Return N cryptographically strong pseudo-random bytes. */) + (Lisp_Object n) +{ + Lisp_Object val; + + CHECK_NATNUM (n); + + /* Return empty string for 0 bytes */ + if (XFASTINT(n) == 0) + return build_string (""); + + val = make_uninit_string (XFASTINT (n)); + +#if SECURE_RANDOM_TYPE==2 + if (gnutls_rnd (GNUTLS_RND_NONCE, SDATA (val), XFASTINT (n)) < 0) +#else + if (RAND_bytes (SDATA (val), XFASTINT (n)) == 0) +#endif + error ("Failed to generate random data"); + + return val; +} +#endif /* SECURE_RANDOM_TYPE */ void syms_of_fileio (void) @@ -5701,6 +5770,9 @@ defsubr (&Smake_directory_internal); defsubr (&Sdelete_directory_internal); defsubr (&Sdelete_file); +#ifdef SECURE_RANDOM_TYPE + defsubr (&Ssecure_random_bytes); +#endif defsubr (&Srename_file); defsubr (&Sadd_name_to_file); defsubr (&Smake_symbolic_link); --=-=-=--