secure random number generation

[mpasternacki]

Currently, random values are generated using CL:RANDOM function. This is far from cryptographically secure. Spec refers to ​RFC 1750 Randomness Recommendations for Security; these recommendations should be implemented, as a separate library, and this library should be used for generating random numbers.

[avodonosov]

The ticket is fixed.

A library for secure random numbers is implemented: ​https://github.com/avodonosov/secure-random/.

The current implementation is not pure-lisp, it reuses OpenSSL random number generator (via cl+ssl). Pure-lisp library would be better probably, but the OpenSSL way was the simpler. Implementing a pure lisp secure random number generator not only requires the RNG algorithm coding; the most expensive part will be gathering a truly unguessable initial state for the generator. OpenSSL does this from a platform specific service, like /dev/random, Windows Crypto API, Entropy Gathering Daemon, etc. The secure-random interface hides the implementation details, so when (and if) it will be reimplemented in lisp, the cl-openid code will not be affected.

cl-openid already unconditionally depends on cl+ssl via drakma, therefore this solution does not add a redundant dependency.

As of today, secure-random is not on quicklisp. Also it uses the very fresh cl+ssl with is also not in quicklisp.

To trt it just download the secure random snapshot: ​http://github.com/avodonosov/secure-random/tarball/master.

Then download the cl+ssl snapshot: ​https://gitorious.org/cl-plus-ssl/cl-plus-ssl/archive-tarball/master

(pushnew "<your cl-openid repository>" asdf:*central-registry* :test #'equal)
(pushnew "<your cl+ssl snapshot dir>" asdf:*central-registry* :test #'equal)
(pushnew "<your secure-random snapshot dir>" asdf:*central-registry* :test #'equal)

(ql:quickload :cl-openid)