Introduce enacl:randombytes/1.
This commit is contained in:
Jesper Louis Andersen
parent
6d37abd76a
commit
fd9f421621
10
README.md
10
README.md
@ -19,6 +19,16 @@ In addition, I would like to thank Steve Vinoski, Rickard Green, and Sverker Eri
|
||||
|
||||
# Versions
|
||||
|
||||
## v0.10.x
|
||||
|
||||
Ultra-late beta; tuning for the last couple of functions which could be nice to have. Added the function `randombytes/1` to obtain randombytes from the operating system. The system uses the "best" applicable (P)RNG on the target system:
|
||||
|
||||
* Windows: `RtlGenRandom()`
|
||||
* OpenBSD, Bitrig: `arc4random()`
|
||||
* Unix in general: `/dev/urandom`
|
||||
|
||||
Do note that on Linux and FreeBSD at the *least*, this is the best thing you can do. Relying on `/dev/random` is almost always wrong and gives no added security benefit. Key generation in NaCl relies on `/dev/urandom`. Go relies on `/dev/urandom`. It is about time Erlang does as well.
|
||||
|
||||
## v0.9.x
|
||||
|
||||
Ultra-late beta. Code probably works, but it requires some real-world use before it is deemed entirely stable.
|
||||
|
||||
@ -559,6 +559,25 @@ ERL_NIF_TERM enif_crypto_onetimeauth_verify(ErlNifEnv *env, int argc, ERL_NIF_TE
|
||||
}
|
||||
}
|
||||
|
||||
static
|
||||
ERL_NIF_TERM enif_randombytes(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[])
|
||||
{
|
||||
size_t req_size;
|
||||
ErlNifBinary result;
|
||||
|
||||
if ((argc != 1) || (!enif_get_uint64(env, argv[0], &req_size))) {
|
||||
return enif_make_badarg(env);
|
||||
}
|
||||
|
||||
if (!enif_alloc_binary(req_size, &result)) {
|
||||
return nacl_error_tuple(env, "alloc_failed");
|
||||
}
|
||||
|
||||
randombytes(result.data, result.size);
|
||||
|
||||
return enif_make_binary(env, &result);
|
||||
}
|
||||
|
||||
/* Tie the knot to the Erlang world */
|
||||
static ErlNifFunc nif_funcs[] = {
|
||||
{"crypto_box_NONCEBYTES", 0, enif_crypto_box_NONCEBYTES},
|
||||
@ -613,7 +632,10 @@ static ErlNifFunc nif_funcs[] = {
|
||||
{"crypto_hash_b", 1, enif_crypto_hash},
|
||||
{"crypto_hash", 1, enif_crypto_hash, ERL_NIF_DIRTY_JOB_CPU_BOUND},
|
||||
{"crypto_verify_16", 2, enif_crypto_verify_16},
|
||||
{"crypto_verify_32", 2, enif_crypto_verify_32}
|
||||
{"crypto_verify_32", 2, enif_crypto_verify_32},
|
||||
|
||||
{"randombytes_b", 1, enif_randombytes},
|
||||
{"randombytes", 1, enif_randombytes, ERL_NIF_DIRTY_JOB_CPU_BOUND}
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
{application, enacl,
|
||||
[
|
||||
{description, "Erlang NaCl bindings"},
|
||||
{vsn, "0.9.0"},
|
||||
{vsn, "0.10.0"},
|
||||
{registered, []},
|
||||
{applications, [kernel, stdlib]},
|
||||
{env, []}
|
||||
|
||||
@ -62,6 +62,11 @@
|
||||
verify_32/2
|
||||
]).
|
||||
|
||||
%% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl
|
||||
-export([
|
||||
randombytes/1
|
||||
]).
|
||||
|
||||
%% Other helper functions
|
||||
-export([
|
||||
reds/1
|
||||
@ -85,6 +90,8 @@
|
||||
-define(AUTH_REDUCTIONS, 102 * 2).
|
||||
-define(ONETIME_AUTH_SIZE, 128 * 1024).
|
||||
-define(ONETIME_AUTH_REDUCTIONS, 105 * 2).
|
||||
-define(RANDOMBYTES_SIZE, 1024).
|
||||
-define(RANDOMBYTES_REDUCTIONS, 200).
|
||||
|
||||
%% Count reductions and number of scheduler yields for Fun. Fun is assumed
|
||||
%% to be one of the above exor variants.
|
||||
@ -481,6 +488,24 @@ onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES().
|
||||
-spec onetime_auth_key_size() -> pos_integer().
|
||||
onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES().
|
||||
|
||||
%% Obtaining random bytes
|
||||
|
||||
%% @doc randombytes/1 produces a stream of random bytes of the given size
|
||||
%% The security properties of the random stream are that of the libsodium library. Specifically,
|
||||
%% we use:
|
||||
%%
|
||||
%% * RtlGenRandom() on Windows systems
|
||||
%% * arc4random() on OpenBSD and Bitrig
|
||||
%% * /dev/urandom on other Unix environments
|
||||
%%
|
||||
%% It is up to you to pick a system with a appropriately strong (P)RNG for your purpose. We refer
|
||||
%% you to the underlying system implementations for random data.
|
||||
%% @end
|
||||
randombytes(N) when N =< ?RANDOMBYTES_SIZE ->
|
||||
bump(enacl_nif:randombytes_b(N), ?RANDOMBYTES_REDUCTIONS, ?RANDOMBYTES_SIZE, N);
|
||||
randombytes(N) ->
|
||||
enacl_nif:randombytes(N).
|
||||
|
||||
%% Helpers
|
||||
p_zerobytes() ->
|
||||
binary:copy(<<0>>, enacl_nif:crypto_box_ZEROBYTES()).
|
||||
|
||||
@ -72,6 +72,12 @@
|
||||
crypto_verify_32/2
|
||||
]).
|
||||
|
||||
%% Access to the RNG
|
||||
-export([
|
||||
randombytes/1,
|
||||
randombytes_b/1
|
||||
]).
|
||||
|
||||
-on_load(init/0).
|
||||
|
||||
init() ->
|
||||
@ -143,3 +149,7 @@ crypto_hash(Input) when is_binary(Input) -> not_loaded().
|
||||
crypto_hash_b(Input) when is_binary(Input) -> not_loaded().
|
||||
crypto_verify_16(_X, _Y) -> not_loaded().
|
||||
crypto_verify_32(_X, _Y) -> not_loaded().
|
||||
|
||||
randombytes(_RequestedSize) -> not_loaded().
|
||||
randombytes_b(_RequestedSize) -> not_loaded().
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user