Update of /project/crypticl/cvsroot/crypticl/src In directory clnet:/tmp/cvs-serv1638 Modified Files: random.lisp Log Message: Remove non-secure generator to avoid mistakes. --- /project/crypticl/cvsroot/crypticl/src/random.lisp 2007/01/20 15:46:59 1.5 +++ /project/crypticl/cvsroot/crypticl/src/random.lisp 2007/01/23 21:20:36 1.6 @@ -1,24 +1,15 @@ ;;;;-*-lisp-*- ;;;; The Crypticl cryptographic library. ;;;; -;;;; Description: Pseudo random number generation. +;;;; Description: Cryptographically secure pseudo random number generator. ;;;; Author: Taale Skogan ;;;; Distribution: See the accompanying file LICENSE. - ;;To do: ;;-get high entropy bits on non-Linux system. Either roll your own (most likely bad idea) or use win32API to handle one other system. But this is not important. win32 API CryptGenRandom. -;;-test suite. Some simple statistical tests on output? (in-package crypticl) -(defun random-bignum (bitsize) - "Return random integer bitsize bits long, i.e. an integer in the range [0, 2^bitsize - 1]. Uses the internal Lisp PSNG random which is _not_ cryptographically secure. -" - (warn "Using a PSNG which is _not_ cryptographically secure.") - (random-bignum-internal bitsize #'random)) - - (defun random-secure-bignum (bitsize) "Return random integer bitsize bits long generatated from a cryptograpically secure pseudo random number generator. The function is very slow because random-secure invokes SHA-1 multiple times. It should only be used for cryptographic keys and the like. @@ -55,8 +46,7 @@ -;;;;;;;; -;;; CRYPTOGRAPHICALLY SECURE RANDOM NUMBER GENERATOR +;;;;;;;; CRYPTOGRAPHICALLY SECURE RANDOM NUMBER GENERATOR (defparameter *random-secure-obj* nil "State for the random number generator")