Cryptographically strong random

klacke <>
Mon Apr 18 18:57:18 CEST 2005

On Mon, Apr 18, 2005 at 12:58:50PM +0300, joel reymont wrote:
> Folks,
> I understand that SSL in Erlang is based on OpenSSL. That library also
> comes with a cryptographically strong random implementation but that
> bit is not included in Erlang SSL.
> Is there a cryptographically strong implementation for Erlang? 

We do:

random_ascii_str(Length) ->
    random_ascii_str(Length, os:cmd("dd if=/dev/urandom count=1"), [], 0).
random_ascii_str(Length, _,Ret, Length) ->
random_ascii_str(Length, [H|T], Ack, Sofar) ->
        $a =< H,
        H =< $z ->
            random_ascii_str(Length, T, [H|Ack], Sofar+1);
        $A =< H,
        H =< $Z ->
            random_ascii_str(Length, T, [H|Ack], Sofar+1);
        true ->
            random_ascii_str(Length, T, Ack, Sofar)
random_ascii_str(Length, [], Ack, Sofar) ->
    random_ascii_str(Length, os:cmd("dd if=/dev/urandom count=1"),Ack, Sofar).

> What is the easiest way to hook up into the Erlang SSL to bring in
> OpenSSL random? Build it as a linked-in driver?

Yes, or hack the code in lib/crypto/c_src and lib/crypto/src
It should be pretty straightforward to extend with the RAND
code from openssl.


Claes Wikstrom                        -- Caps lock is nowhere and                  -- everything is under control          

More information about the erlang-questions mailing list