[cl-plus-ssl-cvs] CVS cl+ssl
avodonosov
avodonosov at common-lisp.net
Tue Nov 4 00:25:52 UTC 2008
Update of /project/cl-plus-ssl/cvsroot/cl+ssl
In directory cl-net:/tmp/cvs-serv29000
Modified Files:
ffi.lisp index.html streams.lisp
Log Message:
more secure initialization of OpenSSL random number generator
--- /project/cl-plus-ssl/cvsroot/cl+ssl/ffi.lisp 2008/11/03 17:58:45 1.11
+++ /project/cl-plus-ssl/cvsroot/cl+ssl/ffi.lisp 2008/11/04 00:25:52 1.12
@@ -25,8 +25,6 @@
;;; Constants
;;;
-(defconstant +random-entropy+ 256)
-
(defconstant +ssl-filetype-pem+ 1)
(defconstant +ssl-filetype-asn1+ 2)
(defconstant +ssl-filetype-default+ 3)
@@ -342,33 +340,49 @@
;;; Initialization
;;;
-(defun init-prng ()
- ;; this initialization of random entropy is not necessary on
- ;; Linux, since the OpenSSL library automatically reads from
- ;; /dev/urandom if it exists. On Solaris it is necessary.
- (let ((buf (cffi-sys::make-shareable-byte-vector +random-entropy+)))
- (dotimes (i +random-entropy+)
- (setf (elt buf i) (random 256)))
+
+(defun init-prng (seed-byte-sequence)
+ (let* ((length (length seed-byte-sequence))
+ (buf (cffi-sys::make-shareable-byte-vector length)))
+ (dotimes (i length)
+ (setf (elt buf i) (elt seed-byte-sequence i)))
(cffi-sys::with-pointer-to-vector-data (ptr buf)
- (rand-seed ptr +random-entropy+))))
+ (rand-seed ptr length))))
(defun ssl-ctx-set-session-cache-mode (ctx mode)
(ssl-ctx-ctrl ctx +SSL_CTRL_SET_SESS_CACHE_MODE+ mode 0))
-(defun initialize (&optional (method 'ssl-v23-method))
+(defun initialize (&key (method 'ssl-v23-method) rand-seed)
(setf *bio-lisp-method* (make-bio-lisp-method))
(ssl-load-error-strings)
(ssl-library-init)
- (init-prng)
+ (when rand-seed
+ (init-prng rand-seed))
(setf *ssl-global-method* (funcall method))
(setf *ssl-global-context* (ssl-ctx-new *ssl-global-method*))
(ssl-ctx-set-session-cache-mode *ssl-global-context* 3)
(ssl-ctx-set-default-passwd-cb *ssl-global-context*
(cffi:callback pem-password-callback)))
-(defun ensure-initialized (&optional (method 'ssl-v23-method))
+(defun ensure-initialized (&key (method 'ssl-v23-method) (rand-seed nil))
+ "In most cases you do *not* need to call this function, because it
+is called automatically by all other functions. The only reason to
+call it explicitly is to supply the RAND-SEED parameter. In this case
+do it before calling any other functions.
+
+Just leave the default value for the METHOD parameter.
+
+RAND-SEED is an octet sequence to initialize OpenSSL random number generator.
+On many platforms, including Linux and Windows, it may be leaved NIL (default),
+because OpenSSL initializes the random number generator from OS specific service.
+But for example on Solaris it may be necessary to supply this value.
+The minimum length required by OpenSSL is 128 bits.
+See ttp://www.openssl.org/support/faq.html#USER1 for details.
+
+Hint: do not use Common Lisp RANDOM function to generate the RAND-SEED,
+because the function usually returns predictable values."
(unless (ssl-initialized-p)
- (initialize method))
+ (initialize :method method :rand-seed rand-seed))
(unless *bio-lisp-method*
(setf *bio-lisp-method* (make-bio-lisp-method))))
--- /project/cl-plus-ssl/cvsroot/cl+ssl/index.html 2008/11/03 23:19:28 1.23
+++ /project/cl-plus-ssl/cvsroot/cl+ssl/index.html 2008/11/04 00:25:52 1.24
@@ -94,6 +94,30 @@
<h3>API functions</h3>
<p>
+ <div class="def">Function CL+SSL:ENSURE-INITIALIZED (&key (method 'ssl-v23-method) (rand-seed nil))</div>
+ In most cases you <strong>do not</strong> need to call this function, because it is called
+ automatically. The only reason to call it explicitly is to supply the <tt>rand-seed</tt> parameter.
+ In this case do it before calling any other functions.
+ </p>
+ <p>
+ Keyword arguments:
+ </p>
+ <p>
+ <tt>method</tt>. Just leave its default value.
+ </p>
+ <p>
+ <tt>rand-seed</tt> is an octet sequence to initialize OpenSSL random number generator.
+ On many platforms, including Linux and Windows, it may be leaved NIL (default),
+ because OpenSSL initializes the random number generator from OS specific service. But for
+ example on Solaris it may be necessary to supply this value. The minimum length required
+ by OpenSSL is 128 bits. See here <a href="http://www.openssl.org/support/faq.html#USER1">
+ http://www.openssl.org/support/faq.html#USER1</a> for the details.
+ </p>
+ <p>
+ Hint: do not use Common Lisp RANDOM function to generate the <tt>rand-seed</tt>, because the function
+ usually returns predictable values.
+ </p>
+ <p>
<div class="def">Function CL+SSL:MAKE-SSL-CLIENT-STREAM (fd-or-stream &key external-format certificate key password close-callback (unwrap-streams-p t))<br/><br/>
Function CL+SSL:MAKE-SSL-SERVER-STREAM (fd-or-stream &key external-format certificate key password close-callback (unwrap-streams-p t))</div>
Return an SSL stream for the client (server)
@@ -213,7 +237,13 @@
Support for encrypted keys, thanks to Vsevolod Dyomkin.
</li>
<li>
- Chained certificates support, thanks to Juhani Ränkimies.
+ Chained certificates support, thanks to Juhani Ränkimies.
+ </li>
+ <li>
+ More secure initialization of OpenSSL random number generator.
+ </li>
+ <li>
+ Minor CLISP-specific fixes.
</li>
</ul>
<p>
@@ -229,7 +259,7 @@
</p>
<ul>
<li>
- Improved clisp support, thanks
+ Improved CLISP support, thanks
to <a
href="http://web.kepibu.org/code/lisp/cl+ssl/">Pixel
// pinterface</a>, as well as client certificate support.
--- /project/cl-plus-ssl/cvsroot/cl+ssl/streams.lisp 2008/11/03 09:25:39 1.15
+++ /project/cl-plus-ssl/cvsroot/cl+ssl/streams.lisp 2008/11/04 00:25:52 1.16
@@ -232,7 +232,7 @@
CERTIFICATE is the path to a file containing the PEM-encoded certificate for
your client. KEY is the path to the PEM-encoded key for the client, which
may be associated with the passphrase PASSWORD."
- (ensure-initialized method)
+ (ensure-initialized :method method)
(let ((stream (make-instance 'ssl-stream
:socket socket
:close-callback close-callback))
@@ -252,7 +252,7 @@
CERTIFICATE is the path to a file containing the PEM-encoded certificate for
your server. KEY is the path to the PEM-encoded key for the server, which
may be associated with the passphrase PASSWORD."
- (ensure-initialized method)
+ (ensure-initialized :method method)
(let ((stream (make-instance 'ssl-server-stream
:socket socket
:close-callback close-callback
More information about the cl-plus-ssl-cvs
mailing list