// Copyright 2010 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
all: merge NaCl branch (part 1)
See golang.org/s/go13nacl for design overview.
This CL contains the mostly mechanical changes from rsc's Go 1.2 based NaCl branch, specifically 39cb35750369 to 500771b477cf from https://code.google.com/r/rsc-go13nacl. This CL does not include working NaCl support; there are probably two or three more large merges to come.
CL 15750044 is not included as it involves more invasive changes to the linker which will need to be merged separately.
The exact change lists included are
15050047: syscall: support for Native Client
15360044: syscall: unzip implementation for Native Client
15370044: syscall: Native Client SRPC implementation
15400047: cmd/dist, cmd/go, go/build, test: support for Native Client
15410048: runtime: support for Native Client
15410049: syscall: file descriptor table for Native Client
15410050: syscall: in-memory file system for Native Client
15440048: all: update +build lines for Native Client port
15540045: cmd/6g, cmd/8g, cmd/gc: support for Native Client
15570045: os: support for Native Client
15680044: crypto/..., hash/crc32, reflect, sync/atomic: support for amd64p32
15690044: net: support for Native Client
15690048: runtime: support for fake time like on Go Playground
15690051: build: disable various tests on Native Client
LGTM=rsc
R=rsc
CC=golang-codereviews
https://golang.org/cl/68150047
2014-02-25 09:47:42 -05:00
// +build darwin dragonfly freebsd linux nacl netbsd openbsd plan9 solaris
build: add build comments to core packages
The go/build package already recognizes
system-specific file names like
mycode_darwin.go
mycode_darwin_386.go
mycode_386.s
However, it is also common to write files that
apply to multiple architectures, so a recent CL added
to go/build the ability to process comments
listing a set of conditions for building. For example:
// +build darwin freebsd openbsd/386
says that this file should be compiled only on
OS X, FreeBSD, or 32-bit x86 OpenBSD systems.
These conventions are not yet documented
(hence this long CL description).
This CL adds build comments to the multi-system
files in the core library, a step toward making it
possible to use go/build to build them.
With this change go/build can handle crypto/rand,
exec, net, path/filepath, os/user, and time.
os and syscall need additional adjustments.
R=golang-dev, r, gri, r, gustavo
CC=golang-dev
https://golang.org/cl/5011046
2011-09-15 16:48:57 -04:00
// Unix cryptographically secure pseudorandom number
// generator.
package rand
import (
	"bufio"
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"io"
	"os"
	"runtime"
	"sync"
	"time"
)
// Easy implementation: read from /dev/urandom.
// This is sufficient on Linux, OS X, and FreeBSD.
// init installs the package-level Reader. Plan 9 gets the X9.31
// generator seeded from /dev/random; every other supported system
// reads /dev/urandom directly.
//
// NOTE(review): /dev/urandom is used unconditionally here; on Linux it
// does not block before the kernel pool is initialised, so very early
// boot reads may be weaker than later ones — confirm whether that
// matters for the deployment.
func init() {
	switch runtime.GOOS {
	case "plan9":
		Reader = newReader(nil)
	default:
		Reader = &devReader{name: "/dev/urandom"}
	}
}
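// A devReader satisfies reads by reading the file named name.
// The file is opened lazily on the first Read and is never closed.
// On non-Plan 9 systems reads go through a bufio.Reader, so up to one
// buffer of random bytes may sit in process memory between calls.
type devReader struct {
	name string
	f    io.Reader
	mu   sync.Mutex
}

// errNotCharDevice is returned when the random device turns out to be
// something other than a character device. Failing closed here is
// deliberate: in a minimal chroot or container the device node may be
// missing or replaced by an ordinary file, and quietly reading that
// would hand back predictable "random" bytes.
var errNotCharDevice = errors.New("crypto/rand: random device is not a character device")

// Read fills b from the underlying device. Like the device itself it
// may return fewer than len(b) bytes; callers should use io.ReadFull.
// It returns the open, stat or read error, or errNotCharDevice when
// name does not refer to a character device.
func (r *devReader) Read(b []byte) (n int, err error) {
	r.mu.Lock()
	defer r.mu.Unlock()

	if r.f == nil {
		f, err := os.Open(r.name)
		if err != nil {
			return 0, err
		}
		if runtime.GOOS == "plan9" {
			// Plan 9 file modes carry no Unix-style device bit, so the
			// character-device check below cannot apply; reads are
			// unbuffered here as in the original code (reason not
			// recorded in this file).
			r.f = f
		} else {
			fi, err := f.Stat()
			if err != nil {
				f.Close()
				return 0, err
			}
			if fi.Mode()&os.ModeCharDevice == 0 {
				f.Close()
				return 0, errNotCharDevice
			}
			r.f = bufio.NewReader(f)
		}
	}
	return r.f.Read(b)
}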
// Alternate pseudo-random implementation for use on
// systems without a reliable /dev/urandom.
// newReader returns a pseudorandom generator that seeds itself from
// entropy. A nil entropy means the file /dev/random, opened lazily
// through a devReader on the first Read. Read on the returned reader
// either fills the whole buffer or reports an error.
//
// The generator runs the X9.31 algorithm with AES-128 and reseeds
// after every 1 MB of output.
func newReader(entropy io.Reader) io.Reader {
	src := entropy
	if src == nil {
		src = &devReader{name: "/dev/random"}
	}
	return &reader{entropy: src}
}
// reader is the X9.31-style generator used when the platform has no
// trustworthy /dev/urandom (see init). All state is guarded by mu, so
// one instance may be shared between goroutines.
//
// NOTE(review): X9.31 is a legacy design; within this file it is only
// selected on plan9. Confirm before relying on this path elsewhere.
type reader struct {
	mu      sync.Mutex
	budget  int // number of bytes that can be generated
	cipher  cipher.Block
	entropy io.Reader
	time, seed, dst, key [aes.BlockSize]byte
}

// reseedAfter is how many bytes may be generated between reseeds (1 MB).
const reseedAfter = 1 << 20

// reseed draws a fresh X9.31 seed and AES-128 key from r.entropy and
// restores the output budget. It returns the first read or key-setup
// error; in that case r.budget stays 0, so the next Read tries again.
func (r *reader) reseed() error {
	if _, err := io.ReadFull(r.entropy, r.seed[:]); err != nil {
		return err
	}
	if _, err := io.ReadFull(r.entropy, r.key[:]); err != nil {
		return err
	}
	block, err := aes.NewCipher(r.key[:])
	if err != nil {
		return err
	}
	r.cipher = block
	r.budget = reseedAfter
	return nil
}

// step runs one ANSI X9.31 (== X9.17) iteration with AES in place of
// 3DES, leaving a fresh output block in r.dst:
//
//	t    = E(time)
//	dst  = E(t ^ seed)
//	seed = E(t ^ dst)
//
// Only the low 8 bytes of the time block are set from the clock; the
// high 8 bytes keep whatever the previous in-place encryption left
// there (all zero on the very first call).
func (r *reader) step() {
	ns := time.Now().UnixNano()
	for i := 0; i < 8; i++ {
		r.time[i] = byte(ns >> uint(56-8*i))
	}
	r.cipher.Encrypt(r.time[:], r.time[:])

	for i := range r.dst {
		r.dst[i] = r.time[i] ^ r.seed[i]
	}
	r.cipher.Encrypt(r.dst[:], r.dst[:])

	for i := range r.seed {
		r.seed[i] = r.time[i] ^ r.dst[i]
	}
	r.cipher.Encrypt(r.seed[:], r.seed[:])
}

// Read fills b completely, reseeding from r.entropy whenever the
// budget is exhausted. On failure it returns the number of bytes
// written before the error together with the error.
func (r *reader) Read(b []byte) (n int, err error) {
	r.mu.Lock()
	defer r.mu.Unlock()

	for n < len(b) {
		if r.budget == 0 {
			if err = r.reseed(); err != nil {
				return n, err
			}
		}
		r.budget -= aes.BlockSize
		r.step()
		n += copy(b[n:], r.dst[:])
	}
	return n, nil
}