From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Yuri Khan Newsgroups: gmane.emacs.help Subject: Re: Noob dumb question (extending emacs) Date: Tue, 26 Oct 2021 02:56:25 +0700 Message-ID: References: <875ytnzka1.fsf@zoho.eu> <87h7d6zrx9.fsf@zoho.eu> <87fssqxp1s.fsf@zoho.eu> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="38030"; mail-complaints-to="usenet@ciao.gmane.io" To: Yuri Khan , help-gnu-emacs Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Mon Oct 25 22:11:56 2021 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mf6K4-0009eu-AV for geh-help-gnu-emacs@m.gmane-mx.org; Mon, 25 Oct 2021 22:11:56 +0200 Original-Received: from localhost ([::1]:59770 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mf6K3-0005IU-3e for geh-help-gnu-emacs@m.gmane-mx.org; Mon, 25 Oct 2021 16:11:55 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:51914) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mf65P-0003Am-FS for help-gnu-emacs@gnu.org; Mon, 25 Oct 2021 15:56:47 -0400 Original-Received: from mail-ua1-x930.google.com ([2607:f8b0:4864:20::930]:35460) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mf65J-0005gH-7C for help-gnu-emacs@gnu.org; Mon, 25 Oct 2021 15:56:47 -0400 Original-Received: by mail-ua1-x930.google.com with SMTP id q13so24626585uaq.2 for ; Mon, 25 Oct 2021 12:56:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-transfer-encoding; bh=PiENxd7scSpC9zSTqiE8RhlLPBhGM+B4REm78vFU2fY=; b=dGG0EH7AP3lEJug6MvrIVJ8hSUHzpmR/1P4CMlnYrP4TkZTGx+wQW9i4+PGDtsFasj ZBOABGajflJKjxPThCg7Xk5le/bT4vf3Y12K4e7b19ZP+s7Qc7//xmkTpCOZPLGc0EUb aT3LdsemACHoHDFv/sLVyI/yYxgdMvlNQ+GtEjVJ2TCvzo8OydfIr86scUNtt9h9VkiD QcngH69ZKymg+gL557GKcJYJvurBWsJEf/NRs+ALdbPO7P4G5w2Ws7bLWE5V2qs6OoE5 K23+GLIaahug2q9aS0ZOujSP8pq2MV40WaaRVuaJqVZoB3gvNxArOIiPqHXswT2cJqaC 3Y+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-transfer-encoding; bh=PiENxd7scSpC9zSTqiE8RhlLPBhGM+B4REm78vFU2fY=; b=E9NYxFVB0wuFiolhihZMr0vS01nbiUUbp2ENv57wiYCpQmmcuF2ipcBbRkdXuF2l9r BDmcmtU6qbdXS5sGfSaqLpxWvtZI6PY5WPnqp5f0jFuKTTSfBJ98ROlS/a/EbuWBNJNO gZff0D+vEJ6Q9q4IYtzRd6dTAhIl3PBmF4V3yM6/QDES1BWyHSMq5XjIFfRAoct9zqVT uZe9XuLWjvfcRZsGprgHIqSEEJ5XCCROLA8AtBnGQtdfyx5CPh+z+qeWEb2n+ZjJ/Zu6 kweFE/45l7zXPYqpIlAPEpF26JhGTVXKfCNLZpJzGm20CBTSnZ6W4/5yI9GPHPUjLnTE T+1Q== X-Gm-Message-State: AOAM533FSemiYjMMB27yu9Ooztc0/YuFz6DtJwYjyLdD5yvLK3HqTGJx PCTz9bCHEH3H/b9gBecPwU638/QFcMmL/WOmmjA= X-Google-Smtp-Source: ABdhPJxxaIudnGk+vfCL9QT6Nu6h77x7cNHo1vjjZT/dMddDqygodIaZ5QRZJOe9ajgawHRcoprDReYErmLaslJJRqo= X-Received: by 2002:a67:fa17:: with SMTP id i23mr5676582vsq.6.1635191797731; Mon, 25 Oct 2021 12:56:37 -0700 (PDT) In-Reply-To: Received-SPF: pass client-ip=2607:f8b0:4864:20::930; envelope-from=yurivkhan@gmail.com; helo=mail-ua1-x930.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.io gmane.emacs.help:134159 Archived-At: On Tue, 26 Oct 2021 at 02:25, Jean Louis wrote: > Yuri and Michael H., you are very right, too simple password > generation without enough entropy produces duplicate passwords. What tipped you to this conclusion? Still wrong! > (defun rcd-read-urandom (&optional length) > "I am also free to modify the Emacs Lisp unlimited times." > (shell-command-to-string "head -n 1 /dev/urandom")) Here you read the first newline-delimited line of /dev/urandom, which may be a lot. If you have to use =E2=80=98head=E2=80=99, use it with -c and= give a byte count. > (defun rcd-password-generate-1 (string) > "Return capitalized or downcased single symbol from a string" > (random (format "%s" (rcd-read-urandom))) Here you seed the Emacs random generator with the entropy. However, the Emacs random generator can only use 48 bits of entropy in the best case, so it grabs exactly that and drops the remainder on the floor. > (let* ((max (length string)) > (rnd (random max)) > (single (substring string rnd (+ rnd 1)))) > single)) Then you proceed to generate a random password using the seeded pseudo-random generator. Which is a step up from an unseeded pseudo-random generator (you could generate a series of passwords from a single seed, making it easier for the attacker who knows one to guess others) but still not as random as you would get by just converting raw entropy into printable characters.