[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New function: secure-random-bytes
From: |
Ted Zlatanov |
Subject: |
Re: New function: secure-random-bytes |
Date: |
Fri, 24 Jun 2011 04:57:21 -0500 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) |
On Fri, 24 Jun 2011 15:50:06 +0800 Leo <address@hidden> wrote:
L> It seems useful to provide a way to get some cryptographically strong
L> random bytes (e.g. for uuid generation or passwords).
L> See discussion: http://thread.gmane.org/gmane.emacs.devel/138494
L> The attached preliminary patch does this. Comments are welcome. Thanks.
Do you think you could you provide three functions,
`secure-random-bytes-{urandom,gnutls,openssl}' instead of three versions
with the same name? Then there can be a `secure-random-bytes' in
simple.el or wherever:
(secure-random-bytes) ; auto, checking with fboundp
(secure-random-bytes 'gnutls) ; try the GnuTLS version first
The nice part is that you can put `secure-random-bytes-gnutls' in
gnutls.c; make openssl.c for `secure-random-bytes-openssl' and use a
HAVE_OPENSSL ifdef; and put `secure-random-bytes-urandom' in fileio.c
inside a HAVE_URANDOM ifdef. That will avoid making up numeric
constants for SECURE_RANDOM_TYPE in favor of more meaningful constants
and puts all the new functions in the right place.
I can imagine other uses for the OpenSSL functions, so at least the
HAVE_OPENSSL macro makes a lot of sense.
I'm not sure what the auto priority should be. Are the GnuTLS/OpenSSL
functions better than /dev/urandom? They are certainly slower.
Thanks
Ted