This queue is for tickets about the Crypt-DSA CPAN distribution.

Report information
The Basics
Id: 18768
Status: open
Priority: 0/
Queue: Crypt-DSA

People
Owner: Nobody in particular
Requestors: cpan [...] fireartist.com
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 0.13
Fixed in: (no value)



Subject: Crypt-DSA-0.13 patch for MSWin32 support
I'm running perl 5.8.8, built with mingw gcc 3.4.5, on Windows XP.

Attached are patches for:
  lib/Crypt/DSA/KeyChain.pm
  lib/Crypt/DSA/Util.pm
  Makefile.PL

I've changed KeyChain::generate_params() so that it uses 'openssl.exe' on Windows instead of 'openssl'.

I've also changed Util::makerandom() so that if it can't open /dev/random, it tries to load Data::Random. (Crypt::Random is no use for Windows, as it still uses /dev/random in the background.)

I've also changed makerandom() so that if it then fails to load Data::Random, it calls croak() rather than returning undef and going into an infinite loop.

The Makefile.PL has been changed so that Data::Random is required on MSWin32.

I hope the patches are suitable. Please contact my cpan email address if you want to test anything further on a Windows box.
Subject: KeyChain.pm.patch
7a8,10 > use IPC::Open3; > use File::Spec; > use Symbol qw( gensym ); 31c34,35 < my $openssl = `which openssl`; --- > my $bin = $^O eq 'MSWin32' ? 'openssl.exe' : 'openssl'; > my $openssl = `which $bin`; 36c40,46 < my @res = `$openssl dsaparam -text -noout $bits_n 2>/dev/null`; --- > open( NULL, ">", File::Spec->devnull ); > my $pid = open3( gensym, \*OPENSSL, ">&NULL", "$openssl dsaparam -text -noout $bits_n" ); > my @res; > while( <OPENSSL> ) { > push @res, $_; > } > waitpid( $pid, 0 );
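Review bot: In the 31c34,35 hunk, `which $bin` still depends on a `which` command being on the PATH, which a stock MSWin32 shell does not provide, so renaming the binary to openssl.exe does not by itself make the lookup succeed there. Consider locating the binary in Perl instead, for example testing -x on File::Spec->catfile($dir, $bin) for each $dir in File::Spec->path, which also removes one backtick shell call.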
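Review bot: In the 36c40,46 hunk, open3 is handed a single interpolated string, "$openssl dsaparam -text -noout $bits_n", so the command can still be parsed by a shell and a path to openssl that contains spaces will be split into several arguments. Pass the program and its arguments as a list (open3( ..., $openssl, 'dsaparam', '-text', '-noout', $bits_n )), add an `or croak` to the unchecked open of NULL on File::Spec->devnull, and inspect $? after waitpid so a failed openssl run is not treated as empty but valid output. Lexical handles in place of the NULL and OPENSSL barewords would also avoid clobbering package globals.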
Subject: Makefile.PL.patch
16a17 > requires('Data::Random' => '0.05') if $^O eq 'MSWin32';
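Review bot: requires('Data::Random' => '0.05') makes a test-data generator a hard prerequisite for DSA key generation on MSWin32; Data::Random is not documented as a cryptographic randomness source. The conditional dependency should name whichever secure source makerandom() ends up using, and this line should change together with the Util.pm fallback.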
Subject: Util.pm.patch
7a8 > use Carp qw( croak ); 53,61c54,70 < sysopen my $fh, '/dev/random', O_RDONLY < or return; < my($r, $read) = ('', 0); < while ($read < $bytes) { < my $got = sysread $fh, my($chunk), $bytes - $read; < next unless $got; < die "Error: $!" if $got == -1; < $r .= $chunk; < $read = length $r; --- > my $r = ''; > if ( sysopen my $fh, '/dev/random', O_RDONLY ) { > my $read = 0; > while ($read < $bytes) { > my $got = sysread $fh, my($chunk), $bytes - $read; > next unless $got; > die "Error: $!" if $got == -1; > $r .= $chunk; > $read = length $r; > } > close $fh; > } > elsif ( require Data::Random ) { > $r .= Data::Random::rand_chars( set=>'numeric' ) for 1..$bytes; > } > else { > croak "makerandom requires /dev/random or Data::Random"; 63d71 < close $fh;
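Review bot: In the 53,61c54,70 hunk, the Data::Random branch builds $r from rand_chars( set=>'numeric' ), so every byte of the result is one of the ten digit characters instead of one of 256 values, and the source is not a cryptographic one; output from this branch should not feed DSA parameter or key generation. The `elsif ( require Data::Random )` test also never reaches the croak, because require dies on failure rather than returning false; wrap it as eval { require Data::Random; 1 }. In the retained /dev/random loop, `next unless $got` still spins forever when sysread returns 0 or undef, and the `$got == -1` check below it cannot fire, since sysread reports errors as undef.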
Apologies for not checking this before first opening the ticket... Crypt::Random, as suggested in rt ticket 14281, does work on Win32, so maybe that'd be a better solution than Data::Random
On Tue Apr 18 10:05:41 2006, CFRANKS wrote:
> Apologies for not checking this before first opening the ticket...
>
> Crypt::Random, as suggested in rt ticket 14281, does work on Win32, so
> maybe that'd be a better solution than Data::Random
Crypt::Random requires Math::Pari, which I think is an undesirable dependency, especially just for getting random seed bits. I would suggest looking at Crypt::Random::Seed, Bytes::Random::Secure, Crypt::URandom, or Data::Entropy instead. See Alt::Crypt::RSA::BigInt and patches for Crypt::OpenPGP for examples.

I was going to suggest using Math::Prime::Util::random_nbit_prime which would push everything off onto that module, and give a few hundred times speedup for key generation when not using openssl. However it does not use the FIPS-186-3 method for generation. I'll make another ticket to discuss the issues, since this is getting far off topic and it's not clear whether we're trying to strictly follow FIPS-186-3 (it does with p and q) or not (number of M-R tests).
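The fallback chain discussed in this ticket, sketched as an added example that is not part of the ticket's patches or of Crypt::DSA: it reads raw bytes from /dev/random where it exists and otherwise tries modules named in the replies above, failing loudly if none works. The names secure_bytes and read_dev_random are hypothetical, and the order in which the modules are tried is an assumption.

```perl
use strict;
use warnings;
use Carp qw( croak );
use Fcntl qw( O_RDONLY );

# Sources tried in order: [ module to load (undef for none), reader for $n raw bytes ].
# Module names are the ones suggested in the ticket; the ordering is an assumption.
my @SOURCES = (
    [ undef,                   \&read_dev_random ],
    [ 'Crypt::URandom',        sub { Crypt::URandom::urandom( $_[0] ) } ],
    [ 'Bytes::Random::Secure', sub { Bytes::Random::Secure::random_bytes( $_[0] ) } ],
    [ 'Crypt::Random::Seed',   sub { Crypt::Random::Seed->new->random_bytes( $_[0] ) } ],
);

# Read $n bytes from /dev/random; returns undef where the device is absent (e.g. MSWin32).
sub read_dev_random {
    my ($n) = @_;
    sysopen my $fh, '/dev/random', O_RDONLY or return;
    my $buf = '';
    while ( length($buf) < $n ) {
        my $got = sysread $fh, my $chunk, $n - length($buf);
        return unless $got;    # undef (error) or 0 (EOF): give up instead of spinning
        $buf .= $chunk;
    }
    close $fh;
    return $buf;
}

# Hypothetical helper: $n bytes from the first source that delivers them in full.
sub secure_bytes {
    my ($n) = @_;
    for my $src (@SOURCES) {
        my ( $module, $reader ) = @$src;
        if ( defined $module ) {
            # require dies on failure rather than returning false, so wrap it in eval.
            ( my $file = "$module.pm" ) =~ s{::}{/}g;
            next unless eval { require $file; 1 };
        }
        my $buf = eval { $reader->($n) };
        return $buf if defined $buf && length($buf) == $n;
    }
    croak "no cryptographically secure random source available";
}

# Example use: 20 random bytes (160 bits), printed as hex.
print unpack( 'H*', secure_bytes(20) ), "\n";
```

Every source here returns full-range bytes, so the caller gets 8 bits per byte rather than the digit characters produced by a character-set generator.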