[noctool-cvs] CVS source
imattsson
imattsson at common-lisp.net
Sat Jun 7 10:24:07 UTC 2008
Update of /project/noctool/cvsroot/source
In directory clnet:/tmp/cvs-serv11491
Modified Files:
utils.lisp
Log Message:
IM
Restructured the BASE64-encoding, needed a way of BASE64-encoding
arbitrary octet arrays.
Added a nonce generator (needed for at least the network layer).
Uses /dev/urandom as data source under linux, uses RANDOM (for now)
on other architectures. MAKE-NONCE returns a BASE64-encoded nonce, suitable
to send across, get fed through a HMAC and then compared on the return.
--- /project/noctool/cvsroot/source/utils.lisp 2008/05/18 10:54:44 1.6
+++ /project/noctool/cvsroot/source/utils.lisp 2008/06/07 10:24:07 1.7
@@ -1,6 +1,8 @@
(in-package #:net.hexapodia.noctool)
(defvar *base64* "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")
+(defvar *random-file* nil)
+
(defmacro with-pty (ptyspec &body body)
@@ -180,14 +182,14 @@
collect (ldb (byte 8 pos) n))))
'(vector (unsigned-byte 8))))
-(defun encode-base64 (str)
- (let* ((start (octetify str))
- (len (length start)))
+(defun encode-base-64-octet-vector (octet-vector)
+ (let ((start octet-vector)
+ (len (length octet-vector)))
(labels ((get-val (base offset)
(let ((pos (+ base offset)))
(if (< pos len)
(aref start pos)
- 0))))
+ 0))))
(with-output-to-string (out)
(loop for pos from 0 below (* 3 (ceiling len 3)) by 3
for val = (+ (* 256 256 (get-val pos 0))
@@ -200,6 +202,28 @@
out)
else
do (write-char #\= out)))))))
+
+(defun encode-base64 (str)
+ (encode-base-64-octet-vector (octetify str)))
+
+;;; Crypto helpers
+(defun make-nonce (&optional (bits 160))
+ "Generate a nonce, with roughly BITS random bits (specifically, at least
+that many bits, but it will be read as octets, so may be a bit more), then
+returned as a base64-encoded string."
+ (let* ((octets (ceiling bits 8))
+ (data (make-array octets :element-type '(unsigned-byte 8))))
+ #+linux
+ (progn
+ (unless *random-file*
+ (setf *random-file* (open "/dev/urandom"
+ :element-type '(unsigned-byte 8))))
+ (read-sequence data *random-file*))
+ #-linux
+ (loop for ix from 0 below octets
+ do (setf (aref data ix) (random 256)))
+
+ (encode-base-64-octet-vector data)))
;;;
(defun get-peer (name)
(gethash (string name) *peers*))
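Review bot: The `#-linux` branch of make-nonce fills the nonce from `RANDOM`, which is not a cryptographic generator; in implementations that start every image from the same default `*random-state*` it can produce the same nonce sequence after each restart, which defeats the freshness the HMAC comparison depends on. Until a real source is wired in, that branch should fail closed, `#-linux (error "MAKE-NONCE: no secure random source on this platform")`, or at the very least draw from a state seeded with `(make-random-state t)`. On the Linux side the return value of `read-sequence` is ignored, so a short read would leave the trailing octets at whatever `make-array` produced; `(unless (= (read-sequence data *random-file*) octets) (error "MAKE-NONCE: short read from /dev/urandom"))` closes that. The stream cached in `*random-file*` is never closed and presumably would not survive a saved-and-restarted image, which deserves a comment on the `defvar` added in the first hunk.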