Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

57 lines (46 sloc) 1.757 kB
{- -*- haskell -*- -}
-- | PRNG services
-- See <http://www.openssl.org/docs/crypto/rand.html>
-- For random Integer generation, see "OpenSSL.BN"
#include "HsOpenSSL.h"
module OpenSSL.Random
( -- * Random byte generation
randBytes
, prandBytes
, add
) where
import Foreign
import Foreign.C.Types
import qualified Data.ByteString as BS
import OpenSSL.Utils
foreign import ccall unsafe "RAND_bytes"
_RAND_bytes :: Ptr CChar -> CInt -> IO CInt
foreign import ccall unsafe "RAND_pseudo_bytes"
_RAND_pseudo_bytes :: Ptr CChar -> CInt -> IO ()
foreign import ccall unsafe "RAND_add"
_RAND_add :: Ptr CChar -> CInt -> CInt -> IO ()
-- | Return a bytestring consisting of the given number of strongly random
-- bytes
randBytes :: Int -- ^ the number of bytes requested
-> IO BS.ByteString
randBytes n =
allocaArray n $ \bufPtr ->
do _RAND_bytes bufPtr (fromIntegral n) >>= failIf_ (/= 1)
BS.packCStringLen (bufPtr, n)
-- | Return a bytestring consisting of the given number of pseudo random
-- bytes
prandBytes :: Int -- ^ the number of bytes requested
-> IO BS.ByteString
prandBytes n =
allocaArray n $ \bufPtr ->
do _RAND_pseudo_bytes bufPtr (fromIntegral n)
BS.packCStringLen (bufPtr, n)
-- | Add data to the entropy pool. It's safe to add sensitive information
-- (e.g. user passwords etc) to the pool. Also, adding data with an entropy
-- of 0 can never hurt.
add :: BS.ByteString -- ^ random data to be added to the pool
-> Int -- ^ the number of bits of entropy in the first argument
-> IO ()
add bs entropy =
BS.useAsCStringLen bs $ \(ptr, len) ->
_RAND_add ptr (fromIntegral len) (fromIntegral entropy)
Jump to Line
Something went wrong with that request. Please try again.