[ruby-cvs:61305] naruse:r54144 (trunk): * lib/securerandom.rb (gen_random): to avoid blocking on Windows.

naruse at ruby-lang.org naruse at ruby-lang.org
Thu Mar 17 15:01:11 JST 2016


naruse	2016-03-17 15:01:11 +0900 (Thu, 17 Mar 2016)

  New Revision: 54144

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=54144

  Log:
    * lib/securerandom.rb (gen_random): to avoid blocking on Windows.
      On Windows OpenSSL RAND_bytes (underlying implementation is
      RAND_poll in crypto/rand/rand_win.c) may be blocked at
      NetStatisticsGet.
      https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues
      Instead of this, use Random.raw_seed directory (whose implementation
      CryptGenRandom is one of the source of
      entropy of RAND_poll on Windows).
      https://wiki.openssl.org/index.php/Random_Numbers
      Note: CryptGenRandom function is PRNG and doesn't check its entropy,
      so it won't block. [Bug #12139]
      https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx
      https://tools.ietf.org/html/rfc4086#section-7.1.3
      https://eprint.iacr.org/2007/419.pdf
      http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf

  Modified files:
    trunk/ChangeLog
    trunk/lib/securerandom.rb


More information about the ruby-cvs mailing list