From d07008a0562d1f83dcab144fdec9fd920deb2b96 Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Sun, 12 Mar 2017 17:20:00 +0000 Subject: Support generation of strong random numbers --- lib/crypto/doc/src/crypto.xml | 46 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 4 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index d0deaceaaf..0697f6a202 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -658,10 +658,13 @@

Set the seed for PRNG to the given binary. This calls the - RAND_seed function from openssl. Only use this if the system - you are running on does not have enough "randomness" built in. - Normally this is when - strong_rand_bytes/1 returns low_entropy

+ RAND_seed function from openssl. Only use this if the system + you are running on does not have enough "randomness" built in. + Normally this is when either + strong_rand_bytes/1, + strong_rand_uniform/0 or + strong_rand_uniform/1 + throws low_entropy

 @@ -728,6 +731,41 @@ failed due to lack of secure "randomness".

+ + + strong_rand_uniform() -> X + Generate a random floating point number between 0.0 and 1.0 + + X = float() + + +

Generates a random floating pointer number uniformly distributed + in the value range + Uses a cryptographically secure prng seeded and periodically mixed with operating system + provided entropy. By default this is the BN_rand_range method from OpenSSL.

+

May throw exception low_entropy in case the random generator + failed due to lack of secure "randomness".

+

The generated values shall present no more than 51 bits of effective entropy.

 + + + + + strong_rand_uniform(N) -> X + Generate a random positive integer between 1 and N + + N = pos_integer() + X = 1..N + + +

Generates a a random positive integer uniformly distributed + in the value range + Uses a cryptographically secure prng seeded and periodically mixed with operating system + provided entropy. By default this is the BN_rand_range method from OpenSSL.

+

May throw exception low_entropy in case the random generator + failed due to lack of secure "randomness".

+ + + stream_init(Type, Key) -> State -- cgit v1.2.3 From e50f63fbb2c974b4b8ad50095ca0b16a846fc161 Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Sat, 18 Mar 2017 12:57:19 +0000 Subject: Restyle crypto strong numeric generators for usage in rand --- lib/crypto/doc/src/crypto.xml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 0697f6a202..dc725a41be 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -662,8 +662,8 @@ you are running on does not have enough "randomness" built in. Normally this is when either strong_rand_bytes/1, - strong_rand_uniform/0 or - strong_rand_uniform/1 + strong_rand_range/1 or + strong_rand_float/0 throws low_entropy

 @@ -733,36 +733,36 @@ - strong_rand_uniform() -> X - Generate a random floating point number between 0.0 and 1.0 + strong_rand_range(N) -> binary() + Generate a random non-negative integer between 0 and N - X = float() + N = pos_integer() | binary() -

Generates a random floating pointer number uniformly distributed - in the value range +

Generates a random non-negative integer uniformly distributed + in the value range Uses a cryptographically secure prng seeded and periodically mixed with operating system provided entropy. By default this is the BN_rand_range method from OpenSSL.

+

Returns binary representation.

May throw exception low_entropy in case the random generator failed due to lack of secure "randomness".

-

The generated values shall present no more than 51 bits of effective entropy.

 - strong_rand_uniform(N) -> X - Generate a random positive integer between 1 and N + strong_rand_float() -> X + Generate a random floating point number between 0.0 and 1.0 - N = pos_integer() - X = 1..N + X = float() -

Generates a a random positive integer uniformly distributed - in the value range +

Generates a random floating pointer number uniformly distributed + in the value range Uses a cryptographically secure prng seeded and periodically mixed with operating system provided entropy. By default this is the BN_rand_range method from OpenSSL.

May throw exception low_entropy in case the random generator failed due to lack of secure "randomness".

+

The generated values shall present no more than 51 bits of effective entropy.

 -- cgit v1.2.3 From 77039e648c8a62bfc4f0242531d5fd4874b29aad Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Sat, 18 Mar 2017 17:27:35 +0000 Subject: Support cryptographically strong rand plugin --- lib/crypto/doc/src/crypto.xml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index dc725a41be..7a5bd62c26 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -766,6 +766,35 @@ + + rand_seed() -> rand:state() + Strong random number generation plugin state> + + Creates state object for random number generation, + in order to generate cryptographically strong random numbers + (based on OpenSSL's BN_rand_range), + and saves it on process dictionary before returning it as well. + See also rand:seed/1 + +

Example

+ 
+crypto:rand_seed(),
+_IntegerValue = rand:uniform(42), % [1; 42]
+_FloatValue = rand:uniform().     % [0.0; 1.0]
+ + + + + rand_seed_s() -> rand:state() + Strong random number generation plugin state> + + Creates state object for random number generation, + in order to generate cryptographically strongly random numbers + (based on OpenSSL's BN_rand_range). + See also rand:seed_s/1 + + + stream_init(Type, Key) -> State -- cgit v1.2.3 From 5eae0dacf40ec60b09f0fdf761987e39320c4db0 Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Sat, 18 Mar 2017 17:32:23 +0000 Subject: No longer expose strong_rand_(range|float) --- lib/crypto/doc/src/crypto.xml | 40 ++-------------------------------------- 1 file changed, 2 insertions(+), 38 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 7a5bd62c26..36a1a2c2ee 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -660,10 +660,8 @@

Set the seed for PRNG to the given binary. This calls the RAND_seed function from openssl. Only use this if the system you are running on does not have enough "randomness" built in. - Normally this is when either - strong_rand_bytes/1, - strong_rand_range/1 or - strong_rand_float/0 + Normally this is when + strong_rand_bytes/1 throws low_entropy

 @@ -732,40 +730,6 @@ - - strong_rand_range(N) -> binary() - Generate a random non-negative integer between 0 and N - - N = pos_integer() | binary() - - -

Generates a random non-negative integer uniformly distributed - in the value range - Uses a cryptographically secure prng seeded and periodically mixed with operating system - provided entropy. By default this is the BN_rand_range method from OpenSSL.

-

Returns binary representation.

-

May throw exception low_entropy in case the random generator - failed due to lack of secure "randomness".

- - - - - strong_rand_float() -> X - Generate a random floating point number between 0.0 and 1.0 - - X = float() - - -

Generates a random floating pointer number uniformly distributed - in the value range - Uses a cryptographically secure prng seeded and periodically mixed with operating system - provided entropy. By default this is the BN_rand_range method from OpenSSL.

-

May throw exception low_entropy in case the random generator - failed due to lack of secure "randomness".

-

The generated values shall present no more than 51 bits of effective entropy.

 - - - rand_seed() -> rand:state() Strong random number generation plugin state> -- cgit v1.2.3 From 1f236ff5a8aaedc720b45420c3d53092435ecd52 Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Wed, 22 Mar 2017 21:48:54 +0000 Subject: fixup! Support cryptographically strong rand plugin Be friendlier to Dialyzer --- lib/crypto/doc/src/crypto.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 36a1a2c2ee..3eee24769d 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -742,7 +742,7 @@

Example

-crypto:rand_seed(),
+_ = crypto:rand_seed(),
 _IntegerValue = rand:uniform(42), % [1; 42]
 _FloatValue = rand:uniform().     % [0.0; 1.0]
-- cgit v1.2.3 From 6f6c478401eefee1c8d7b200eb02d288739a7648 Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Wed, 22 Mar 2017 21:49:38 +0000 Subject: fixup! Support cryptographically strong rand plugin Fix documented range (interval is half-open.) --- lib/crypto/doc/src/crypto.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 3eee24769d..30835a8447 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -744,7 +744,7 @@ 
 _ = crypto:rand_seed(),
 _IntegerValue = rand:uniform(42), % [1; 42]
-_FloatValue = rand:uniform().     % [0.0; 1.0]
+_FloatValue = rand:uniform(). % [0.0; 1.0[ -- cgit v1.2.3 From e1a74e3077ca870520a748f29dd7c4b9115ce090 Mon Sep 17 00:00:00 2001 From: Raimo Niskanen Date: Mon, 3 Apr 2017 12:29:23 +0200 Subject: Clean up documentation and test cases --- lib/crypto/doc/src/crypto.xml | 35 +++++++++++++++++++++-------------- 1 file changed, 21 insertions(+), 14 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 30835a8447..552d95d7dc 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -732,14 +732,17 @@ rand_seed() -> rand:state() - Strong random number generation plugin state> - - Creates state object for random number generation, - in order to generate cryptographically strong random numbers - (based on OpenSSL's BN_rand_range), - and saves it on process dictionary before returning it as well. - See also rand:seed/1 - + Strong random number generation plugin state + +

+ Creates state object for + random number generation, + in order to generate cryptographically strong random numbers + (based on OpenSSL's BN_rand_range), + and saves it on process dictionary before returning it as well. + See also + rand:seed/1. +

Example

 _ = crypto:rand_seed(),
@@ -750,12 +753,16 @@ _FloatValue = rand:uniform().     % [0.0; 1.0[
rand_seed_s() -> rand:state() - Strong random number generation plugin state> - - Creates state object for random number generation, - in order to generate cryptographically strongly random numbers - (based on OpenSSL's BN_rand_range). - See also rand:seed_s/1 + Strong random number generation plugin state + +

+ Creates state object for + random number generation, + in order to generate cryptographically strongly random numbers + (based on OpenSSL's BN_rand_range). + See also + rand:seed_s/1. +

-- cgit v1.2.3