Module: SecureRandom
- Defined in:
- lib/securerandom.rb
Class Method Summary collapse
-
.base64(n = nil) ⇒ Object
SecureRandom.base64 generates a random base64 string.
-
.hex(n = nil) ⇒ Object
SecureRandom.hex generates a random hex string.
-
.lastWin32ErrorMessage ⇒ Object
Following code is based on David Garamond’s GUID library for Ruby.
-
.random_bytes(n = nil) ⇒ Object
SecureRandom.random_bytes generates a random binary string.
-
.random_number(n = 0) ⇒ Object
SecureRandom.random_number generates a random number.
-
.urlsafe_base64(n = nil, padding = false) ⇒ Object
SecureRandom.urlsafe_base64 generates a random URL-safe base64 string.
-
.uuid ⇒ Object
SecureRandom.uuid generates a v4 random UUID (Universally Unique IDentifier).
Class Method Details
.base64(n = nil) ⇒ Object
SecureRandom.base64 generates a random base64 string.
The argument n specifies the length of the random length. The length of the result string is about 4/3 of n.
If n is not specified, 16 is assumed. It may be larger in future.
The result may contain A-Z, a-z, 0-9, “+”, “/” and “=”.
p SecureRandom.base64 #=> "/2BuBuLf3+WfSKyQbRcc/A=="
p SecureRandom.base64 #=> "6BbW0pxO0YENxn38HMUbcQ=="
If secure random number generator is not available, NotImplementedError is raised.
See RFC 3548 for the definition of base64.
161 162 163 |
# File 'lib/securerandom.rb', line 161 def self.base64(n=nil) [random_bytes(n)].pack("m*").delete("\n") end |
.hex(n = nil) ⇒ Object
SecureRandom.hex generates a random hex string.
The argument n specifies the length of the random length. The length of the result string is twice of n.
If n is not specified, 16 is assumed. It may be larger in future.
The result may contain 0-9 and a-f.
p SecureRandom.hex #=> "eb693ec8252cd630102fd0d0fb7c3485"
p SecureRandom.hex #=> "91dc3bfb4de5b11d029d376634589b61"
If secure random number generator is not available, NotImplementedError is raised.
140 141 142 |
# File 'lib/securerandom.rb', line 140 def self.hex(n=nil) random_bytes(n).unpack("H*")[0] end |
.lastWin32ErrorMessage ⇒ Object
Following code is based on David Garamond’s GUID library for Ruby.
255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/securerandom.rb', line 255 def self.lastWin32ErrorMessage # :nodoc: get_last_error = Win32API.new("kernel32", "GetLastError", '', 'L') = Win32API.new("kernel32", "FormatMessageA", 'LPLLPLPPPPPPPP', 'L') = 0x00000200 = 0x00001000 code = get_last_error.call msg = "\0" * 1024 len = .call( + , 0, code, 0, msg, 1024, nil, nil, nil, nil, nil, nil, nil, nil) msg[0, len].force_encoding("filesystem").tr("\r", '').chomp end |
.random_bytes(n = nil) ⇒ Object
SecureRandom.random_bytes generates a random binary string.
The argument n specifies the length of the result string.
If n is not specified, 16 is assumed. It may be larger in future.
The result may contain any byte: “x00” - “xff”.
p SecureRandom.random_bytes #=> "\xD8\\\xE0\xF4\r\xB2\xFC*WM\xFF\x83\x18\xF45\xB6"
p SecureRandom.random_bytes #=> "m\xDC\xFC/\a\x00Uf\xB2\xB2P\xBD\xFF6S\x97"
If secure random number generator is not available, NotImplementedError is raised.
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 |
# File 'lib/securerandom.rb', line 56 def self.random_bytes(n=nil) n = n ? n.to_int : 16 if defined? OpenSSL::Random @pid = 0 if !defined?(@pid) pid = $$ if @pid != pid now = Time.now ary = [now.to_i, now.nsec, @pid, pid] OpenSSL::Random.seed(ary.to_s) @pid = pid end return OpenSSL::Random.random_bytes(n) end if !defined?(@has_urandom) || @has_urandom flags = File::RDONLY flags |= File::NONBLOCK if defined? File::NONBLOCK flags |= File::NOCTTY if defined? File::NOCTTY begin File.open("/dev/urandom", flags) {|f| unless f.stat.chardev? raise Errno::ENOENT end @has_urandom = true ret = f.read(n) if ret.length != n raise NotImplementedError, "Unexpected partial read from random device: only #{ret.length} for #{n} bytes" end return ret } rescue Errno::ENOENT @has_urandom = false end end if !defined?(@has_win32) begin require 'Win32API' crypt_acquire_context = Win32API.new("advapi32", "CryptAcquireContext", 'PPPII', 'L') @crypt_gen_random = Win32API.new("advapi32", "CryptGenRandom", 'VIP', 'L') hProvStr = " " * DL::SIZEOF_VOIDP prov_rsa_full = 1 crypt_verifycontext = 0xF0000000 if crypt_acquire_context.call(hProvStr, nil, nil, prov_rsa_full, crypt_verifycontext) == 0 raise SystemCallError, "CryptAcquireContext failed: #{lastWin32ErrorMessage}" end type = DL::SIZEOF_VOIDP == DL::SIZEOF_LONG_LONG ? 'q' : 'l' @hProv, = hProvStr.unpack(type) @has_win32 = true rescue LoadError @has_win32 = false end end if @has_win32 bytes = " ".force_encoding("ASCII-8BIT") * n if @crypt_gen_random.call(@hProv, bytes.size, bytes) == 0 raise SystemCallError, "CryptGenRandom failed: #{lastWin32ErrorMessage}" end return bytes end raise NotImplementedError, "No random device" end |
.random_number(n = 0) ⇒ Object
SecureRandom.random_number generates a random number.
If a positive integer is given as n, SecureRandom.random_number returns an integer: 0 <= SecureRandom.random_number(n) < n.
p SecureRandom.random_number(100) #=> 15
p SecureRandom.random_number(100) #=> 88
If 0 is given or an argument is not given, SecureRandom.random_number returns a float: 0.0 <= SecureRandom.random_number() < 1.0.
p SecureRandom.random_number #=> 0.596506046187744
p SecureRandom.random_number #=> 0.350621695741409
215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 |
# File 'lib/securerandom.rb', line 215 def self.random_number(n=0) if 0 < n hex = n.to_s(16) hex = '0' + hex if (hex.length & 1) == 1 bin = [hex].pack("H*") mask = bin[0].ord mask |= mask >> 1 mask |= mask >> 2 mask |= mask >> 4 begin rnd = SecureRandom.random_bytes(bin.length) rnd[0] = (rnd[0].ord & mask).chr end until rnd < bin rnd.unpack("H*")[0].hex else # assumption: Float::MANT_DIG <= 64 i64 = SecureRandom.random_bytes(8).unpack("Q")[0] Math.ldexp(i64 >> (64-Float::MANT_DIG), -Float::MANT_DIG) end end |
.urlsafe_base64(n = nil, padding = false) ⇒ Object
SecureRandom.urlsafe_base64 generates a random URL-safe base64 string.
The argument n specifies the length of the random length. The length of the result string is about 4/3 of n.
If n is not specified, 16 is assumed. It may be larger in future.
The boolean argument padding specifies the padding. If it is false or nil, padding is not generated. Otherwise padding is generated. By default, padding is not generated because “=” may be used as a URL delimiter.
The result may contain A-Z, a-z, 0-9, “-” and “_”. “=” is also used if padding is true.
p SecureRandom.urlsafe_base64 #=> "b4GOKm4pOYU_-BOXcrUGDg"
p SecureRandom.urlsafe_base64 #=> "UZLdOkzop70Ddx-IJR0ABg"
p SecureRandom.urlsafe_base64(nil, true) #=> "i0XQ-7gglIsHGV2_BNPrdQ=="
p SecureRandom.urlsafe_base64(nil, true) #=> "-M8rLhr7JEpJlqFGUMmOxg=="
If secure random number generator is not available, NotImplementedError is raised.
See RFC 3548 for the definition of URL-safe base64.
191 192 193 194 195 196 197 |
# File 'lib/securerandom.rb', line 191 def self.urlsafe_base64(n=nil, padding=false) s = [random_bytes(n)].pack("m*") s.delete!("\n") s.tr!("+/", "-_") s.delete!("=") if !padding s end |
.uuid ⇒ Object
SecureRandom.uuid generates a v4 random UUID (Universally Unique IDentifier).
p SecureRandom.uuid #=> "2d931510-d99f-494a-8c67-87feb05e1594"
p SecureRandom.uuid #=> "bad85eb9-0713-4da7-8d36-07a8e4b00eab"
p SecureRandom.uuid #=> "62936e70-1815-439b-bf89-8492855a7e6b"
The version 4 UUID is purely random (except the version). It doesn’t contain meaningful information such as MAC address, time, etc.
See RFC 4122 for details of UUID.
247 248 249 250 251 252 |
# File 'lib/securerandom.rb', line 247 def self.uuid ary = self.random_bytes(16).unpack("NnnnnN") ary[2] = (ary[2] & 0x0fff) | 0x4000 ary[3] = (ary[3] & 0x3fff) | 0x8000 "%08x-%04x-%04x-%04x-%04x%08x" % ary end |