OpenSSL::Random
Public Class Methods
Same as ::egd_bytes but queries 255 bytes by default.
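/*
 * OpenSSL::Random.egd(filename) -> true
 *
 * Queries the entropy gathering daemon (EGD) on the socket path given by
 * filename, using RAND_egd()'s default request size.
 *
 * Returns Qtrue on success and raises eRandomError on failure.
 */
static VALUE
ossl_rand_egd(VALUE self, VALUE filename)
{
    int fetched;

    /* Type/taint check on the caller-supplied path, as in the original. */
    SafeStringValue(filename);

    /*
     * StringValueCStr() raises if the Ruby string contains an embedded NUL,
     * so the C library can never see a silently truncated socket path.
     */
    fetched = RAND_egd(StringValueCStr(filename));

    /*
     * OpenSSL documents -1 as the failure value (connection failed, or the
     * daemon did not supply enough data to seed the PRNG). A bare `!ret`
     * test lets -1 through as success, so the caller would believe the PRNG
     * was seeded when it was not. 0 stays a failure, as it was before.
     */
    if (fetched <= 0) {
        ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}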
Queries the entropy gathering daemon EGD on the socket path given by `filename`. Fetches `length` number of bytes and uses ::add to seed the OpenSSL built-in PRNG.
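/*
 * OpenSSL::Random.egd_bytes(filename, length) -> true
 *
 * Queries the entropy gathering daemon (EGD) on the socket path given by
 * filename for len bytes and feeds them to the OpenSSL PRNG.
 *
 * Returns Qtrue on success and raises eRandomError on failure. NUM2INT()
 * raises on its own if len does not fit in a C int.
 */
static VALUE
ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
{
    int n = NUM2INT(len);
    int fetched;

    /* Type/taint check on the caller-supplied path, as in the original. */
    SafeStringValue(filename);

    /*
     * StringValueCStr() rejects paths with an embedded NUL instead of letting
     * the C library connect to a truncated path.
     */
    fetched = RAND_egd_bytes(StringValueCStr(filename), n);

    /*
     * OpenSSL documents -1 as the failure value; testing `!ret` alone treats
     * -1 as success and hides an unseeded PRNG from the caller. 0 stays a
     * failure, as it was before.
     */
    if (fetched <= 0) {
        ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}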
Reads bytes from `filename` and adds them to the PRNG.
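/*
 * OpenSSL::Random.load_random_file(filename) -> true
 *
 * Reads bytes from filename and adds them to the PRNG.
 *
 * Returns Qtrue on success and raises eRandomError when nothing could be
 * loaded.
 */
static VALUE
ossl_rand_load_file(VALUE self, VALUE filename)
{
    int loaded;

    /* Type/taint check on the caller-supplied path, as in the original. */
    SafeStringValue(filename);

    /*
     * -1 as the byte limit asks OpenSSL to read the whole file.
     * StringValueCStr() raises on an embedded NUL so a truncated path is
     * never opened.
     */
    loaded = RAND_load_file(StringValueCStr(filename), -1);

    /*
     * RAND_load_file() returns the number of bytes read. Newer OpenSSL
     * releases document -1 on error, which a bare `!ret` test would accept
     * as success; treat every non-positive result as a failure.
     */
    if (loaded <= 0) {
        ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}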
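Generates a string with `length` number of pseudo-random bytes.
Pseudo-random byte sequences generated by ::pseudo_bytes will be unique if they are of sufficient length, but are not necessarily unpredictable. Use ::random_bytes instead whenever the output has to be unpredictable to an adversary, for example for keys, nonces or session tokens.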
Example: OpenSSL::Random.pseudo_bytes(12) => "..."
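/*
 * OpenSSL::Random.pseudo_bytes(length) -> string
 *
 * Generates a string of len pseudo-random bytes. The bytes are not
 * necessarily unpredictable; callers needing unpredictability should use the
 * RAND_bytes()-backed method instead.
 *
 * Raises eRandomError when RAND_pseudo_bytes() does not report success.
 * NUM2INT() raises on its own if len does not fit in a C int.
 */
static VALUE
ossl_rand_pseudo_bytes(VALUE self, VALUE len)
{
    VALUE str;
    int n = NUM2INT(len);
    int ret;

    /* Allocate the result first; RAND_pseudo_bytes() fills it in place. */
    str = rb_str_new(0, n);
    ret = RAND_pseudo_bytes((unsigned char *)RSTRING_PTR(str), n);

    /*
     * RAND_pseudo_bytes() returns 1 for cryptographically strong output,
     * 0 otherwise, and -1 when the RAND method does not support it. The old
     * `!ret` test let -1 through, handing the caller a buffer that OpenSSL
     * never wrote to. Anything below 1 is now an error; 0 already raised.
     */
    if (ret < 1) {
        ossl_raise(eRandomError, NULL);
    }
    return str;
}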
Mixes the bytes from `str` into the Pseudo Random Number Generator (PRNG) state.
Thus, if the data from `str` are unpredictable to an adversary, this increases the uncertainty about the state and makes the PRNG output less predictable.
The `entropy` argument is (the lower bound of) an estimate of how much randomness is contained in `str`, measured in bytes.
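Example:

  pid = $$
  now = Time.now
  ary = [now.to_i, now.nsec, 1000, pid]
  OpenSSL::Random.add(ary.join("").to_s, 0.0)
  OpenSSL::Random.seed(ary.join("").to_s)

The ::add call credits 0.0 bytes of entropy, which is the honest estimate for guessable inputs such as a PID and the current time. ::seed credits the full length of the string, so it should only be given data that really is unpredictable.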
/*
 * OpenSSL::Random.add(str, entropy) -> self
 *
 * Mixes the bytes of str into the PRNG state, crediting it with the
 * caller-supplied entropy estimate (in bytes).
 *
 * Returns self.
 */
static VALUE
ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
{
    double credited;

    /* Coerce to a String before touching its pointer and length. */
    StringValue(str);

    /* The estimate comes straight from the caller; it is not validated here. */
    credited = NUM2DBL(entropy);

    RAND_add(RSTRING_PTR(str), RSTRING_LENINT(str), credited);
    return self;
}
Generates a string with `length` number of cryptographically strong pseudo-random bytes.
Example: OpenSSL::Random.random_bytes(12) => "..."
/*
 * OpenSSL::Random.random_bytes(length) -> string
 *
 * Generates a string of len cryptographically strong pseudo-random bytes
 * using RAND_bytes().
 *
 * Raises eRandomError when RAND_bytes() returns 0 (with the OpenSSL error
 * text) or -1 (not supported).
 */
static VALUE
ossl_rand_bytes(VALUE self, VALUE len)
{
    int n = NUM2INT(len);
    VALUE str = rb_str_new(0, n);
    int ret = RAND_bytes((unsigned char *)RSTRING_PTR(str), n);

    /* -1: the RAND method in use does not implement RAND_bytes(). */
    if (ret == -1) {
        ossl_raise(eRandomError, "RAND_bytes is not supported");
    }

    /* 0: generation failed; surface OpenSSL's own error text to the caller. */
    if (ret == 0) {
        char buf[256];

        ERR_error_string_n(ERR_get_error(), buf, sizeof(buf));
        ossl_raise(eRandomError, "RAND_bytes error: %s", buf);
    }

    return str;
}
::seed is equivalent to ::add where `entropy` is the length of `str`.
/*
 * OpenSSL::Random.seed(str) -> str
 *
 * Passes the bytes of str to RAND_seed().
 *
 * Returns str.
 */
static VALUE
ossl_rand_seed(VALUE self, VALUE str)
{
    const char *seed_data;
    int seed_len;

    /* Coerce to a String before reading its pointer and length. */
    StringValue(str);

    seed_data = RSTRING_PTR(str);
    seed_len = RSTRING_LENINT(str);

    RAND_seed(seed_data, seed_len);
    return str;
}
Return true if the PRNG has been seeded with enough data, false otherwise.
/*
 * OpenSSL::Random.status? -> true | false
 *
 * Reports whether RAND_status() returns non-zero, i.e. whether the PRNG has
 * been seeded with enough data.
 */
static VALUE
ossl_rand_status(VALUE self)
{
    if (RAND_status()) {
        return Qtrue;
    }
    return Qfalse;
}
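Writes a number of randomly generated bytes (currently 1024) to `filename`, which can be used to initialize the PRNG by calling ::load_random_file in a later session. Because the file later seeds the PRNG, keep it readable and writable only by the account that runs the application.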
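/*
 * OpenSSL::Random.write_random_file(filename) -> true
 *
 * Writes random bytes to filename through RAND_write_file(), so that a later
 * session can load them back into the PRNG.
 *
 * Returns Qtrue on success and raises eRandomError when RAND_write_file()
 * reports -1.
 */
static VALUE
ossl_rand_write_file(VALUE self, VALUE filename)
{
    /* Type/taint check on the caller-supplied path, as in the original. */
    SafeStringValue(filename);

    /*
     * StringValueCStr() raises on an embedded NUL. Without it, a path such
     * as "a\0b" would reach the C library as "a" and the seed file would be
     * written somewhere other than where the Ruby caller asked.
     */
    if (RAND_write_file(StringValueCStr(filename)) == -1) {
        ossl_raise(eRandomError, NULL);
    }
    return Qtrue;
}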