[ruby-cvs:64550] shyouhei:r57384 (trunk): SecureRandom should try /dev/urandom first [Bug #9569]

shyouhei at ruby-lang.org shyouhei at ruby-lang.org
Fri Jan 20 17:00:00 JST 2017


shyouhei	2017-01-20 17:00:00 +0900 (Fri, 20 Jan 2017)

  New Revision: 57384

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57384

  Log:
    SecureRandom should try /dev/urandom first [Bug #9569]
    
    * random.c (InitVM_Random): rename Random.raw_seed to
      Random.urandom.  A quick search seems there are no practical use
      of this method than securerandom.rb so I think it's OK to rename
      but if there are users of it, this hunk is subject to revert.
    
    * test/ruby/test_rand.rb (TestRand#test_urandom): test for it.
    
    * lib/securerandom.rb (SecureRandom.gen_random): Prefer OS-
      provided CSPRNG if available. Otherwise falls back to OpenSSL.
      Current preference is:
    
      1. CSPRNG routine that the OS has; one of
         - getrandom(2),
         - arc4random(3), or
         - CryptGenRandom()
      2. /dev/urandom device
      3. OpenSSL's RAND_bytes(3)
    
      If none of above random number generators are available, you
      cannot use this module.  An exception is raised that case.

  Modified files:
    trunk/lib/securerandom.rb
    trunk/random.c
    trunk/test/ruby/test_rand.rb


More information about the ruby-cvs mailing list