Wrap random number generator

3 files changed, 60 insertions, 0 deletions

diff --git a/btls.cabal b/btls.cabal
index dcfbb9e..3461300 100644
--- a/btls.cabal
+++ b/btls.cabal
@@ -70,11 +70,13 @@ library
   exposed-modules:     Codec.Crypto.HKDF
                      , Data.Digest
                      , Data.HMAC
+                     , System.Random.Crypto
   other-modules:       BTLS.BoringSSL.Base
                      , BTLS.BoringSSL.Digest
                      , BTLS.BoringSSL.HKDF
                      , BTLS.BoringSSL.HMAC
                      , BTLS.BoringSSL.Mem
+                     , BTLS.BoringSSL.Rand
                      , BTLS.BoringSSLPatterns
                      , BTLS.Cast
                      , BTLS.CreateWithFinalizer
diff --git a/src/BTLS/BoringSSL/Rand.chs b/src/BTLS/BoringSSL/Rand.chs
new file mode 100644
index 0000000..f7de732
--- /dev/null
+++ b/src/BTLS/BoringSSL/Rand.chs
@@ -0,0 +1,27 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+--     https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+module BTLS.BoringSSL.Rand
+  ( randBytes
+  ) where
+
+import Foreign (Ptr)
+import Foreign.C.Types
+
+import BTLS.Result
+
+#include <openssl/rand.h>
+
+randBytes :: Ptr CUChar -> CULong -> IO ()
+randBytes buf len = alwaysSucceeds $ {#call RAND_bytes as ^#} buf len
diff --git a/src/System/Random/Crypto.hs b/src/System/Random/Crypto.hs
new file mode 100644
index 0000000..ca2fba5
--- /dev/null
+++ b/src/System/Random/Crypto.hs
@@ -0,0 +1,31 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+--     https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+module System.Random.Crypto
+  ( randomBytes
+  ) where
+
+import Data.ByteString (ByteString)
+import qualified Data.ByteString as ByteString
+import Foreign (allocaArray)
+
+import BTLS.BoringSSL.Rand (randBytes)
+import BTLS.Cast (asCUCharBuf)
+
+-- | Generates a cryptographically random buffer of the specified size.
+randomBytes :: Int -> IO ByteString
+randomBytes len =
+  allocaArray len $ \pBuf -> do
+    randBytes (asCUCharBuf pBuf) (fromIntegral len)
+    ByteString.packCStringLen (pBuf, len)