diff options
author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-03-17 06:01:11 +0000 |
---|---|---|
committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-03-17 06:01:11 +0000 |
commit | 6545327e24c0efc7bb0cb32cd2043d79ea365790 (patch) | |
tree | 86888bbc42e83f4550ae9f91e839fef383bdd328 /ChangeLog | |
parent | 6555077aa00c9ca4bcb298392a615f729e15676a (diff) | |
download | ruby-6545327e24c0efc7bb0cb32cd2043d79ea365790.tar.gz |
* lib/securerandom.rb (gen_random): to avoid blocking on Windows.
On Windows OpenSSL RAND_bytes (underlying implementation is
RAND_poll in crypto/rand/rand_win.c) may be blocked at
NetStatisticsGet.
https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues
Instead of this, use Random.raw_seed directory (whose implementation
CryptGenRandom is one of the source of
entropy of RAND_poll on Windows).
https://wiki.openssl.org/index.php/Random_Numbers
Note: CryptGenRandom function is PRNG and doesn't check its entropy,
so it won't block. [Bug #12139]
https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx
https://tools.ietf.org/html/rfc4086#section-7.1.3
https://eprint.iacr.org/2007/419.pdf
http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54144 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -1,3 +1,21 @@ +Thu Mar 17 11:51:48 2016 NARUSE, Yui <naruse@ruby-lang.org> + + * lib/securerandom.rb (gen_random): to avoid blocking on Windows. + On Windows OpenSSL RAND_bytes (underlying implementation is + RAND_poll in crypto/rand/rand_win.c) may be blocked at + NetStatisticsGet. + https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues + Instead of this, use Random.raw_seed directory (whose implementation + CryptGenRandom is one of the source of + entropy of RAND_poll on Windows). + https://wiki.openssl.org/index.php/Random_Numbers + Note: CryptGenRandom function is PRNG and doesn't check its entropy, + so it won't block. [Bug #12139] + https://msdn.microsoft.com/ja-jp/library/windows/desktop/aa379942.aspx + https://tools.ietf.org/html/rfc4086#section-7.1.3 + https://eprint.iacr.org/2007/419.pdf + http://www.cs.huji.ac.il/~dolev/pubs/thesis/msc-thesis-leo.pdf + Thu Mar 17 12:09:00 2016 Martin Duerst <duerst@it.aoyama.ac.jp> * enc/unicode.c: Fixed two macro definitions. |