entropy 0.4.1.7 → 0.4.1.9
raw patch · 7 files changed
+42/−122 lines, 7 filesdep ~Win32dep ~ghcjs-dom
Dependency ranges changed: Win32, ghcjs-dom
Files
- System/Entropy.hs +2/−5
- System/EntropyGhcjs.hs +3/−3
- System/EntropyNix.hs +5/−1
- System/EntropyWindows.hs +14/−15
- System/EntropyXen.hs +0/−76
- cbits/random_initialized.c +4/−0
- entropy.cabal +14/−22
System/Entropy.hs view
@@ -11,7 +11,6 @@ - Windows via CryptoAPI - *nix systems via @\/dev\/urandom@ - Includes QNX- - Xen (only when RDRAND is available) - ghcjs/browser via JavaScript crypto API. -} @@ -28,8 +27,6 @@ import System.EntropyGhcjs #elif defined(isWindows) import System.EntropyWindows-#elif XEN-import System.EntropyXen #else import System.EntropyNix #endif@@ -39,11 +36,11 @@ -- |Get a specific number of bytes of cryptographically -- secure random data using the *system-specific* sources.--- (As of 0.4. Verions <0.4 mixed system and hardware sources)+-- (As of 0.4. Versions <0.4 mixed system and hardware sources) -- -- The returned random value is considered cryptographically secure but not true entropy. ----- On some platforms this requies a file handle which can lead to resource+-- On some platforms this requires a file handle which can lead to resource -- exhaustion in some situations. getEntropy :: Int -- ^ Number of bytes -> IO B.ByteString
System/EntropyGhcjs.hs view
@@ -19,7 +19,7 @@ import GHCJS.DOM.Crypto as Crypto import GHCJS.DOM.Types (ArrayBufferView (..), fromJSValUnchecked) import GHCJS.DOM.GlobalCrypto (getCrypto)-import GHCJS.DOM (currentWindowUnchecked)+import GHCJS.DOM (globalThisUnchecked) import Language.Javascript.JSaddle.Object as JS @@ -36,8 +36,8 @@ -- |Open a `CryptHandle` openHandle :: IO CryptHandle openHandle = do- w <- currentWindowUnchecked- CH <$> getCrypto w+ this <- globalThisUnchecked+ CH <$> getCrypto this -- |Close the `CryptHandle` closeHandle :: CryptHandle -> IO ()
System/EntropyNix.hs view
@@ -34,7 +34,7 @@ #undef HAVE_RDRAND #endif -import System.Posix (openFd, closeFd, fdReadBuf, OpenMode(..), defaultFileFlags, Fd)+import System.Posix (openFd, closeFd, fdReadBuf, OpenMode(..), defaultFileFlags, Fd, OpenFileFlags(..)) source :: FilePath source = "/dev/urandom"@@ -75,7 +75,11 @@ openRandomFile :: IO Fd openRandomFile = do evaluate ensurePoolInitialized+#if MIN_VERSION_unix(2,8,0)+ openFd source ReadOnly defaultFileFlags { creat = Nothing }+#else openFd source ReadOnly Nothing defaultFileFlags+#endif -- |Close the `CryptHandle` closeHandle :: CryptHandle -> IO ()
System/EntropyWindows.hs view
@@ -31,21 +31,20 @@ import Foreign.Marshal.Utils (toBool) import Foreign.Storable (peek) -{- C example for windows rng - taken from a blog, can't recall which one but thank you!- #include <Windows.h>- #include <Wincrypt.h>- ...- //- // DISCLAIMER: Don't forget to check your error codes!!- // I am not checking as to make the example simple...- //- HCRYPTPROV hCryptCtx = NULL;- BYTE randomArray[128];-- CryptAcquireContext(&hCryptCtx, NULL, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);- CryptGenRandom(hCryptCtx, 128, randomArray);- CryptReleaseContext(hCryptCtx, 0);--}+-- C example for windows rng - taken from a blog, can't recall which one but thank you!+-- #include <Windows.h>+-- #include <Wincrypt.h>+-- ...+-- //+-- // DISCLAIMER: Don't forget to check your error codes!!+-- // I am not checking as to make the example simple...+-- //+-- HCRYPTPROV hCryptCtx = NULL;+-- BYTE randomArray[128];+--+-- CryptAcquireContext(&hCryptCtx, NULL, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);+-- CryptGenRandom(hCryptCtx, 128, randomArray);+-- CryptReleaseContext(hCryptCtx, 0); #ifdef arch_i386
− System/EntropyXen.hs
@@ -1,76 +0,0 @@-{-# LANGUAGE CPP, ForeignFunctionInterface, BangPatterns, ScopedTypeVariables #-}-{-|- Maintainer: Thomas.DuBuisson@gmail.com- Stability: beta- Portability: portable-- Obtain entropy from RDRAND when available.---}--module System.EntropyXen- ( CryptHandle- , openHandle- , hGetEntropy- , closeHandle- , hardwareRandom- ) where--import Control.Monad (liftM, when)-import Data.ByteString as B-import System.IO.Error (mkIOError, eofErrorType, ioeSetErrorString)--import Foreign (allocaBytes)-import Foreign.Ptr-import Foreign.C.Types-import Data.ByteString.Internal as B--#ifdef arch_i386--- See .cabal wrt GCC 4.8.2 asm compilation bug-#undef HAVE_RDRAND-#endif--#ifndef HAVE_RDRAND-#error "The entropy package requires RDRAND support when using the halvm/Xen"-#endif-data CryptHandle = UseRdRand -- or die trying---- |Open a `CryptHandle`-openHandle :: IO CryptHandle-openHandle = do- b <- cpuHasRdRand- if b then return UseRdRand- else nonRDRandHandle- where- nonRDRandHandle :: IO CryptHandle- nonRDRandHandle = error "entropy: On halvm there is no entropy other than RDRAND."---- |Close the `CryptHandle`-closeHandle :: CryptHandle -> IO ()-closeHandle UseRdRand = return ()---- | Get random values from the hardware RNG or return Nothing if no--- supported hardware RNG is available.------ Supported hardware:--- * RDRAND--- * Patches welcome-hardwareRandom :: Int -> IO (Maybe B.ByteString)-hardwareRandom sz = Just <$> hGetEntropy UseRdRand sz---- |Read random data from a `CryptHandle`, which uses RDRAND (when on Xen)-hGetEntropy :: CryptHandle -> Int -> IO B.ByteString-hGetEntropy UseRdRand = \n -> do- B.create n $ \ptr -> do- r <- c_get_rand_bytes (castPtr ptr) (fromIntegral n)- when (r /= 0)- (fail "RDRand failed to gather entropy")--foreign import ccall unsafe "cpu_has_rdrand"- c_cpu_has_rdrand :: IO CInt--foreign import ccall unsafe "get_rand_bytes"- c_get_rand_bytes :: Ptr CUChar -> CSize -> IO CInt--cpuHasRdRand :: IO Bool-cpuHasRdRand = (/= 0) `fmap` c_cpu_has_rdrand
cbits/random_initialized.c view
@@ -6,12 +6,14 @@ #include <unistd.h> #ifdef HAVE_GETENTROPY+#ifndef !DO_NOT_USE_GET_ENTROPY static int ensure_pool_initialized_getentropy() { char tmp; return getentropy(&tmp, sizeof(tmp)); } #endif+#endif // Poll /dev/random to wait for randomness. This is a proxy for the /dev/urandom // pool being initialized.@@ -46,8 +48,10 @@ int ensure_pool_initialized() { #ifdef HAVE_GETENTROPY+#ifndef !DO_NOT_USE_GET_ENTROPY if (ensure_pool_initialized_getentropy() == 0) return 0;+#endif #endif return ensure_pool_initialized_poll();
entropy.cabal view
@@ -1,6 +1,6 @@ name: entropy -version: 0.4.1.7+version: 0.4.1.9 description: A mostly platform independent method to obtain cryptographically strong entropy (RDRAND, urandom, CryptAPI, and patches welcome) Users looking for cryptographically strong (number-theoretically@@ -16,8 +16,6 @@ bug-reports: https://github.com/TomMD/entropy/issues stability: stable --- build-type: Simple--- ^^ Used for HaLVM build-type: Custom -- ^^ Test for RDRAND support using 'ghc'@@ -26,16 +24,14 @@ -- data-files: extra-source-files: ./cbits/getrandom.c ./cbits/random_initialized.c ./cbits/rdrand.c, ./cbits/rdrand.h, README.md --- Notice to compile with HaLVM the above 'build-type' must be changed--- to 'Simple' instead of 'Custom'. The current build system naively--- runs GHC to determine if the compiler supports RDRAND before proceeding.-flag halvm- description: Build for the HaLVM- default: False-+Flag DoNotGetEntropy+ Description: Avoid use of the getentropy() *nix function. By default getentropy will be used+ if detected during compilation (this plays poorly with cross compilation).+ Default: False+ Manual: True custom-setup- setup-depends: Cabal >= 1.10 && < 3.7+ setup-depends: Cabal >= 1.10 && < 3.9 , base < 5 , filepath < 1.5 , directory < 1.4@@ -50,10 +46,7 @@ if os(windows) other-modules: System.EntropyWindows else {- if os(halvm)- other-modules: System.EntropyXen- else- other-modules: System.EntropyNix+ other-modules: System.EntropyNix } } other-extensions: CPP, ForeignFunctionInterface, BangPatterns,@@ -63,13 +56,10 @@ default-language: Haskell2010 if impl(ghcjs) || os(ghcjs) {- build-depends: ghcjs-dom+ build-depends: ghcjs-dom >= 0.9.5.0 && < 1 , jsaddle } else {- if(os(halvm))- cpp-options: -DXEN -DHAVE_RDRAND- cc-options: -DXEN -DHAVE_RDRAND if arch(x86_64) cpp-options: -Darch_x86_64 cc-options: -Darch_x86_64 -O2@@ -85,9 +75,11 @@ cc-options: -DisWindows extra-libraries: advapi32 else- if !os(halvm)- Build-Depends: unix- c-sources: cbits/getrandom.c cbits/random_initialized.c+ Build-Depends: unix+ c-sources: cbits/getrandom.c cbits/random_initialized.c+ }+ if flag(DoNotGetEntropy) {+ cc-options: -DDO_NOT_USE_GET_ENTROPY }