Module: OpenSSL::Random

Defined in:
ossl_rand.c

Defined Under Namespace

Classes: RandomError

Class Method Summary collapse

Class Method Details

.egd(filename) ⇒ true

Same as ::egd_bytes but queries 255 bytes by default.

Returns:

  • (true)

163
164
165
166
167
168
169
170
171
172
# File 'ossl_rand.c', line 163

static VALUE
ossl_rand_egd(VALUE self, VALUE filename)
{
    SafeStringValue(filename);

    if(!RAND_egd(RSTRING_PTR(filename))) {
	ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}

.egd_bytes(filename, length) ⇒ true

Queries the entropy gathering daemon EGD on socket path given by filename.

Fetches length number of bytes and uses ::add to seed the OpenSSL built-in PRNG.

Returns:

  • (true)

183
184
185
186
187
188
189
190
191
192
193
194
# File 'ossl_rand.c', line 183

static VALUE
ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
{
    int n = NUM2INT(len);

    SafeStringValue(filename);

    if (!RAND_egd_bytes(RSTRING_PTR(filename), n)) {
	ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}

.load_random_file(filename) ⇒ true

Reads bytes from filename and adds them to the PRNG.

Returns:

  • (true)

67
68
69
70
71
72
73
74
75
76
# File 'ossl_rand.c', line 67

static VALUE
ossl_rand_load_file(VALUE self, VALUE filename)
{
    SafeStringValue(filename);

    if(!RAND_load_file(RSTRING_PTR(filename), -1)) {
	ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}

.pseudo_bytes(len) ⇒ Object

pseudo_bytes(length) -> string

Generates string with length number of pseudo-random bytes.

Pseudo-random byte sequences generated by ::pseudo_bytes will be unique if they are of sufficient length, but are not necessarily unpredictable.

Example:

OpenSSL::Random.pseudo_bytes(12)
=> "..."

142
143
144
145
146
147
148
149
150
151
152
153
154
# File 'ossl_rand.c', line 142

static VALUE
ossl_rand_pseudo_bytes(VALUE self, VALUE len)
{
    VALUE str;
    int n = NUM2INT(len);

    str = rb_str_new(0, n);
    if (!RAND_pseudo_bytes((unsigned char *)RSTRING_PTR(str), n)) {
	ossl_raise(eRandomError, NULL);
    }

    return str;
}

.add(str, entropy) ⇒ self

Mixes the bytes from str into the Pseudo Random Number Generator(PRNG) state.

Thus, if the data from str are unpredictable to an adversary, this increases the uncertainty about the state and makes the PRNG output less predictable.

The entropy argument is (the lower bound of) an estimate of how much randomness is contained in str, measured in bytes.

Example:

pid = $$
now = Time.now
ary = [now.to_i, now.nsec, 1000, pid]
OpenSSL::Random.add(ary.join("").to_s, 0.0)
OpenSSL::Random.seed(ary.join("").to_s)

Returns:

  • (self)

52
53
54
55
56
57
58
59
# File 'ossl_rand.c', line 52

static VALUE
ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
{
    StringValue(str);
    RAND_add(RSTRING_PTR(str), RSTRING_LENINT(str), NUM2DBL(entropy));

    return self;
}

.random_bytes(len) ⇒ Object

random_bytes(length) -> string

Generates string with length number of cryptographically strong pseudo-random bytes.

Example:

OpenSSL::Random.random_bytes(12)
=> "..."

108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# File 'ossl_rand.c', line 108

static VALUE
ossl_rand_bytes(VALUE self, VALUE len)
{
    VALUE str;
    int n = NUM2INT(len);
    int ret;

    str = rb_str_new(0, n);
    ret = RAND_bytes((unsigned char *)RSTRING_PTR(str), n);
    if (ret == 0){
	char buf[256];
	ERR_error_string_n(ERR_get_error(), buf, 256);
	ossl_raise(eRandomError, "RAND_bytes error: %s", buf);
    } else if (ret == -1) {
	ossl_raise(eRandomError, "RAND_bytes is not supported");
    }

    return str;
}

.seed(str) ⇒ String

::seed is equivalent to ::add where entropy is length of str.

Returns:

  • (String)

21
22
23
24
25
26
27
28
# File 'ossl_rand.c', line 21

static VALUE
ossl_rand_seed(VALUE self, VALUE str)
{
    StringValue(str);
    RAND_seed(RSTRING_PTR(str), RSTRING_LENINT(str));

    return str;
}

.status?Boolean

Return true if the PRNG has been seeded with enough data, false otherwise.

Returns:

  • (Boolean)

203
204
205
206
207
# File 'ossl_rand.c', line 203

static VALUE
ossl_rand_status(VALUE self)
{
    return RAND_status() ? Qtrue : Qfalse;
}

.write_random_file(filename) ⇒ true

Writes a number of random generated bytes (currently 1024) to filename which can be used to initialize the PRNG by calling ::load_random_file in a later session.

Returns:

  • (true)

86
87
88
89
90
91
92
93
94
# File 'ossl_rand.c', line 86

static VALUE
ossl_rand_write_file(VALUE self, VALUE filename)
{
    SafeStringValue(filename);
    if (RAND_write_file(RSTRING_PTR(filename)) == -1) {
	ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}