2014-11-09 04:31:05 +03:00
|
|
|
# -*- coding: us-ascii -*-
|
2015-11-10 14:48:14 +03:00
|
|
|
# frozen_string_literal: true
|
2013-05-20 15:37:04 +04:00
|
|
|
|
2021-12-05 15:53:35 +03:00
|
|
|
require 'random/formatter'
|
|
|
|
|
2013-05-20 15:37:04 +04:00
|
|
|
# == Secure random number generator interface.
|
2007-06-10 05:42:51 +04:00
|
|
|
#
|
2015-01-02 09:36:00 +03:00
|
|
|
# This library is an interface to secure random number generators which are
|
|
|
|
# suitable for generating session keys in HTTP cookies, etc.
|
2007-06-10 05:42:51 +04:00
|
|
|
#
|
2014-02-01 01:12:49 +04:00
|
|
|
# You can use this library in your application by requiring it:
|
|
|
|
#
|
|
|
|
# require 'securerandom'
|
|
|
|
#
|
2015-01-02 09:36:00 +03:00
|
|
|
# It supports the following secure random number generators:
|
2007-06-10 05:42:51 +04:00
|
|
|
#
|
|
|
|
# * openssl
|
|
|
|
# * /dev/urandom
|
2008-01-06 12:11:34 +03:00
|
|
|
# * Win32
|
2007-06-10 05:42:51 +04:00
|
|
|
#
|
2019-01-20 18:06:11 +03:00
|
|
|
# SecureRandom is extended by the Random::Formatter module which
|
|
|
|
# defines the following methods:
|
2018-12-27 15:42:45 +03:00
|
|
|
#
|
|
|
|
# * alphanumeric
|
|
|
|
# * base64
|
|
|
|
# * choose
|
|
|
|
# * gen_random
|
|
|
|
# * hex
|
|
|
|
# * rand
|
|
|
|
# * random_bytes
|
|
|
|
# * random_number
|
|
|
|
# * urlsafe_base64
|
|
|
|
# * uuid
|
|
|
|
#
|
|
|
|
# These methods are usable as class methods of SecureRandom such as
|
2021-08-24 13:24:58 +03:00
|
|
|
# +SecureRandom.hex+.
|
2018-12-27 15:42:45 +03:00
|
|
|
#
|
2021-12-05 15:53:35 +03:00
|
|
|
# If a secure random number generator is not available,
|
|
|
|
# +NotImplementedError+ is raised.
|
2015-01-02 09:36:00 +03:00
|
|
|
|
2007-06-10 05:42:51 +04:00
|
|
|
module SecureRandom
|
2017-01-20 11:00:00 +03:00
|
|
|
class << self
|
|
|
|
def bytes(n)
|
|
|
|
return gen_random(n)
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def gen_random_openssl(n)
|
2013-07-11 08:01:47 +04:00
|
|
|
@pid = 0 unless defined?(@pid)
|
2011-06-13 13:36:48 +04:00
|
|
|
pid = $$
|
2013-07-11 08:01:47 +04:00
|
|
|
unless @pid == pid
|
2013-08-31 09:07:56 +04:00
|
|
|
now = Process.clock_gettime(Process::CLOCK_REALTIME, :nanosecond)
|
2016-03-04 16:39:46 +03:00
|
|
|
OpenSSL::Random.random_add([now, @pid, pid].join(""), 0.0)
|
2017-02-24 14:33:06 +03:00
|
|
|
seed = Random.urandom(16)
|
2015-11-30 23:29:22 +03:00
|
|
|
if (seed)
|
|
|
|
OpenSSL::Random.random_add(seed, 16)
|
|
|
|
end
|
2011-06-13 13:36:48 +04:00
|
|
|
@pid = pid
|
|
|
|
end
|
2007-06-10 05:42:51 +04:00
|
|
|
return OpenSSL::Random.random_bytes(n)
|
|
|
|
end
|
2017-01-20 11:00:00 +03:00
|
|
|
|
|
|
|
def gen_random_urandom(n)
|
|
|
|
ret = Random.urandom(n)
|
2015-02-14 06:01:36 +03:00
|
|
|
unless ret
|
|
|
|
raise NotImplementedError, "No random device"
|
2008-01-06 12:11:34 +03:00
|
|
|
end
|
2015-02-14 06:01:36 +03:00
|
|
|
unless ret.length == n
|
|
|
|
raise NotImplementedError, "Unexpected partial read from random device: only #{ret.length} for #{n} bytes"
|
|
|
|
end
|
|
|
|
ret
|
2014-11-09 06:16:24 +03:00
|
|
|
end
|
2020-09-05 03:32:31 +03:00
|
|
|
|
2022-02-16 08:15:11 +03:00
|
|
|
begin
|
|
|
|
# Check if Random.urandom is available
|
|
|
|
Random.urandom(1)
|
|
|
|
alias gen_random gen_random_urandom
|
|
|
|
rescue RuntimeError
|
2020-09-05 03:32:31 +03:00
|
|
|
begin
|
|
|
|
require 'openssl'
|
|
|
|
rescue NoMethodError
|
|
|
|
raise NotImplementedError, "No random device"
|
|
|
|
else
|
|
|
|
alias gen_random gen_random_openssl
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
public :gen_random
|
2007-06-10 05:42:51 +04:00
|
|
|
end
|
2015-02-14 06:02:32 +03:00
|
|
|
end
|
2007-06-10 05:42:51 +04:00
|
|
|
|
2015-02-14 06:02:32 +03:00
|
|
|
SecureRandom.extend(Random::Formatter)
|