Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

std.options.crypto_always_getrandom ignores overridden std.options.cryptoRandomSeed #19943

Open
Khitiara opened this issue May 11, 2024 · 2 comments · May be fixed by #19965
Open

std.options.crypto_always_getrandom ignores overridden std.options.cryptoRandomSeed #19943

Khitiara opened this issue May 11, 2024 · 2 comments · May be fixed by #19965
Labels
bug Observed behavior contradicts documented or intended behavior contributor friendly This issue is limited in scope and/or knowledge of Zig internals. standard library This issue involves writing Zig code for the standard library.
Milestone
0.14.0

Comments

@Khitiara
Copy link

Zig Version

0.13.0-dev.46+3648d7df1

Steps to Reproduce and Observed Behavior

I'm using std_options.cryptoRandomSeed to provide a hardware secure random source for my hobby os, and I'd like to use crypto_always_getrandom to allow me to compile without the single_threaded flag since there is no syscall overhead on getting the random value when in kernel mode already anyway, but when i set crypto_always_getrandom = true the program fails to compile due to that branch always calling posix getrandom directly.

Expected Behavior

The program should compile and use my provided cryptoRandomSeed for all cryptographic random calls. or this behavior should be documented better if intentional.
@Khitiara Khitiara added the bug Observed behavior contradicts documented or intended behavior label May 11, 2024
@Vexu Vexu added the standard library This issue involves writing Zig code for the standard library. label May 11, 2024
@Vexu Vexu added this to the 0.13.0 milestone May 11, 2024
@Vexu Vexu added the contributor friendly This issue is limited in scope and/or knowledge of Zig internals. label May 11, 2024
@insalt-glitch
Copy link

To me, it looks like this would require a change here:

zig/lib/std/crypto/tlcsprng.zig

Lines 72 to 77 in c77afca

// Allow applications to decide they would prefer to have every call to
// std.crypto.random always make an OS syscall, rather than rely on an
// application implementation of a CSPRNG.
if (std.options.crypto_always_getrandom) {
return defaultRandomSeed(buffer);
}

Where the call to defaultRandomSeed has to be replaced by calling std.options.cryptoRandomSeed.

Unfortunately, I'm quite new to this, so I don't know how to install Zig from source and perform the testing :/ (I'm aware that there is a HowTo, but I'm a total noob).

@rohlem
Copy link
Contributor

rohlem commented May 12, 2024
edited

@insalt-glitch Note that you can edit the standard library (in lib/std) of a built/downloaded Zig distribution and the changes will immediately take effect for all subsequent builds; no need to rebuild the compiler itself from source.

@SkamDart SkamDart linked a pull request May 13, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Observed behavior contradicts documented or intended behavior contributor friendly This issue is limited in scope and/or knowledge of Zig internals. standard library This issue involves writing Zig code for the standard library.
Projects
None yet
Milestone
0.14.0
4 participants
@Khitiara @rohlem @Vexu @insalt-glitch