[RFC] Support for /dev/urandom in kdelibs
Brad Hards
bradh at frogmouth.net
Thu Dec 30 08:52:30 GMT 2004
On Sun, 26 Dec 2004 23:49 pm, Michael Buesch wrote:
> Is there a possibility to get support for a cryptographically strong
> randomizer into the kdelibs for KDE-4?
Do you really need it in KDE? If not, I'm hoping to provide QCA
(as a dependency) for KDE-4, which has support for random
numbers. At the moment, the API looks like the following. As
someone else pointed out, there are reasons for wanting to
have multiple sources of random numbers. It also occurs to me
that we may not have a source of /dev/urandom type numbers
on every platform that KDE supports.
/**
* Source of random numbers
*
* QCA provides a built in source of random numbers, which
* can be accessed through this class. You can also use
* an alternative random number source, by implementing
* another provider.
*
* You can select the "quality" of the random numbers. For
* best results, you should use Nonce or PublicValue for values
* that are likely to become public, and SessionKey or LongTermKey
* for those values that are more critical. All that said, please
* note that this is only a hint to the provider - it may make
* no difference at all.
*
* The normal use of this class is expected to be through the
* static members - randomChar(), randomInt() and randomArray().
*/
class QCA_EXPORT Random : public Algorithm
{
public:
/**
* How much entropy to use for the random numbers that
* are required.
*/
enum Quality { Nonce, PublicValue, SessionKey, LongTermKey };
/**
* Standard Constructor
*
* \param provider the provider library for the random
* number generation
*/
Random(const QString &provider = "");
/**
* Provide a random byte.
*
* This method isn't normally required - you should use
* the static randomChar() method instead.
*
* \param q the quality of the random byte that is required
*
* \sa randomChar
*/
uchar nextByte(Quality q = SessionKey);
/**
* Provide a specified number of random bytes
*
* This method isn't normally required - you should use
* the static randomArray() method instead.
*
* \param size the number of bytes to provide
* \param q the quality of the random bytes that are required
*
* \sa randomArray
*/
QSecureArray nextBytes(int size, Quality q = SessionKey);
/**
* Provide a random character (byte)
*
* This is the normal way of obtaining a single random char
* (ie. 8 bit byte), of the default quality, as shown below:
* \code
* myRandomChar = QCA::Random::randomChar();
* \endcode
*
* \param q the quality of the random character that is required
*
* If you need a number of bytes, perhaps randomArray() may be of use
*/
static uchar randomChar(Quality q = SessionKey);
/**
* Provide a random integer
*
* This is the normal way of obtaining a single random integer,
* as shown below:
* \code
* // default quality
* myRandomInt = QCA::Random::randomInt();
* // cheap integer
* myCheapInt = QCA::Random::randomInt( QCA::Random::Nonce );
* \endcode
*
* \param q the quality of the random integer that is required
*/
static uint randomInt(Quality q = SessionKey);
/**
* Provide a specified number of random bytes
*
* \code
* // build a 30 byte secure array.
* QSecureArray arry = QCA::Random::randomArray(30);
* // take 20 bytes, as high a quality as we can get
* QSecureArray newKey = QCA::Random::randomArray(20, QCA::Random::LongTermKey);
* \endcode
*
* \param size the number of bytes to provide
* \param q the quality of the random bytes that are required
*/
static QSecureArray randomArray(int size, Quality q = SessionKey);
};
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20041230/a555b6c6/attachment.sig>
More information about the kde-core-devel
mailing list