Disable PRF by default.

Fix arc4random_buf implementation.
Add JANET_HASHSEED environment variable.
2025-11-13 22:07:13 +00:00 · 2020-08-03 21:52:57 -05:00 · 2020-08-03 21:49:49 -05:00 · 2020-08-03 20:56:11 -05:00 · 2020-08-03 20:14:51 -05:00 · 2020-08-04 12:13:36 +12:00
10 changed files with 109 additions and 51 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,10 @@
 # Changelog
 All notable changes to this project will be documented in this file.

-## 1.11.2 - 2020-08-03
+## 1.11.3 - 2020-08-03
+- Add `JANET_HASHSEED` environment variable when `JANET_PRF` is enabled.
+- Expose `janet_cryptorand` in C API.
+- Properly initialize PRF in default janet program
 - Add `index-of` to core library.
 - Add `-fPIC` back to core CFLAGS (non-optional when compiling default client  with Makefile)
 - Fix defaults on Windows for ARM
--- a/janet.1
+++ b/janet.1
@@ -213,5 +213,13 @@ find native and source code modules. If no JANET_PATH is set, Janet will look in
 the default location set at compile time.
 .RE

+.B JANET_HASHSEED
+.RS
+To disable randomization of Janet's PRF on start up, one can set this variable. This can have the
+effect of making programs deterministic that otherwise would depend on the random seed chosen at program start.
+This variable does nothing in the default configuration of Janet, as PRF is disabled by default. Also, JANET_REDUCED_OS
+cannot be defined for this variable to have an effect.
+.RE
+
 .SH AUTHOR
 Written by Calvin Rose <calsrose@gmail.com>
--- a/17
+++ b/17
@@ -535,6 +535,23 @@
    ```

 int main(int argc, const char **argv) {
+
+#if defined(JANET_PRF)
+    uint8_t hash_key[JANET_HASH_KEY_SIZE + 1];
+#ifdef JANET_REDUCED_OS
+    char *envvar = NULL;
+#else
+    char *envvar = getenv("JANET_HASHSEED");
+#endif
+    if (NULL != envvar) {
+        strncpy((char *) hash_key, envvar, sizeof(hash_key) - 1);
+    } else if (janet_cryptorand(hash_key, JANET_HASH_KEY_SIZE) != 0) {
+        fputs("unable to initialize janet PRF hash function.\n", stderr);
+        return 1;
+    }
+    janet_init_hash_key(hash_key);
+#endif
+
    janet_init();

    /* Get core env */
--- a/meson.build
+++ b/meson.build
@@ -20,7 +20,7 @@

 project('janet', 'c',
  default_options : ['c_std=c99', 'b_lundef=false', 'default_library=both'],
-  version : '1.11.2')
+  version : '1.11.3')

 # Global settings
 janet_path = join_paths(get_option('prefix'), get_option('libdir'), 'janet')
--- a/src/conf/janetconf.h
+++ b/src/conf/janetconf.h
@@ -28,9 +28,9 @@

 #define JANET_VERSION_MAJOR 1
 #define JANET_VERSION_MINOR 11
-#define JANET_VERSION_PATCH 2
+#define JANET_VERSION_PATCH 3
 #define JANET_VERSION_EXTRA ""
-#define JANET_VERSION "1.11.2"
+#define JANET_VERSION "1.11.3"

 /* #define JANET_BUILD "local" */

--- a/src/core/os.c
+++ b/src/core/os.c
@@ -37,8 +37,6 @@
 #include <string.h>
 #include <sys/stat.h>

-#define RETRY_EINTR(RC, CALL) do { (RC) = CALL; } while((RC) < 0 && errno == EINTR)
-
 #ifdef JANET_APPLE
 #include <AvailabilityMacros.h>
 #endif
@@ -68,12 +66,6 @@ extern char **environ;
 #include <mach/mach.h>
 #endif

-/* Setting C99 standard makes this not available, but it should
- * work/link properly if we detect a BSD */
-#if defined(JANET_BSD) || defined(MAC_OS_X_VERSION_10_7)
-void arc4random_buf(void *buf, size_t nbytes);
-#endif
-
 /* Not POSIX, but all Unixes but Solaris have this function. */
 #if defined(JANET_POSIX) && !defined(__sun)
 time_t timegm(struct tm *tm);
@@ -557,7 +549,6 @@ static Janet os_cwd(int32_t argc, Janet *argv) {

 static Janet os_cryptorand(int32_t argc, Janet *argv) {
    JanetBuffer *buffer;
-    const char *genericerr = "unable to get sufficient random data";
    janet_arity(argc, 1, 2);
    int32_t offset;
    int32_t n = janet_getinteger(argv, 0);
@@ -572,44 +563,9 @@ static Janet os_cryptorand(int32_t argc, Janet *argv) {
    /* We could optimize here by adding setcount_uninit */
    janet_buffer_setcount(buffer, offset + n);

-#ifdef JANET_WINDOWS
-    for (int32_t i = offset; i < buffer->count; i += sizeof(unsigned int)) {
-        unsigned int v;
-        if (rand_s(&v))
-            janet_panic(genericerr);
-        for (int32_t j = 0; (j < sizeof(unsigned int)) && (i + j < buffer->count); j++) {
-            buffer->data[i + j] = v & 0xff;
-            v = v >> 8;
-        }
-    }
-#elif defined(JANET_LINUX) || ( defined(JANET_APPLE) && !defined(MAC_OS_X_VERSION_10_7) )
-    /* We should be able to call getrandom on linux, but it doesn't seem
-       to be uniformly supported on linux distros.
-       On Mac, arc4random_buf wasn't available on until 10.7.
-       In these cases, use this fallback path for now... */
-    int rc;
-    int randfd;
-    RETRY_EINTR(randfd, open("/dev/urandom", O_RDONLY | O_CLOEXEC));
-    if (randfd < 0)
-        janet_panic(genericerr);
-    while (n > 0) {
-        ssize_t nread;
-        RETRY_EINTR(nread, read(randfd, buffer->data + offset, n));
-        if (nread <= 0) {
-            RETRY_EINTR(rc, close(randfd));
-            janet_panic(genericerr);
-        }
-        offset += nread;
-        n -= nread;
-    }
-    RETRY_EINTR(rc, close(randfd));
-#elif defined(JANET_BSD) || defined(MAC_OS_X_VERSION_10_7)
-    (void) genericerr;
-    arc4random_buf(buffer->data + offset, n);
-#else
-    (void) genericerr;
-    janet_panic("cryptorand currently unsupported on this platform");
-#endif
+    if (janet_cryptorand(buffer->data + offset, n) != 0)
+        janet_panic("unable to get sufficient random data");
+
    return janet_wrap_buffer(buffer);
 }

--- a/src/core/util.c
+++ b/src/core/util.c
@@ -28,6 +28,11 @@
 #include "gc.h"
 #ifdef JANET_WINDOWS
 #include <windows.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 #endif
 #endif

@@ -630,3 +635,51 @@ int janet_gettime(struct timespec *spec) {
 }
 #endif
 #endif
+
+/* Setting C99 standard makes this not available, but it should
+ * work/link properly if we detect a BSD */
+#if defined(JANET_BSD) || defined(MAC_OS_X_VERSION_10_7)
+void arc4random_buf(void *buf, size_t nbytes);
+#endif
+
+int janet_cryptorand(uint8_t *out, size_t n) {
+#ifdef JANET_WINDOWS
+    for (size_t i = 0; i < n; i += sizeof(unsigned int)) {
+        unsigned int v;
+        if (rand_s(&v))
+            return -1;
+        for (int32_t j = 0; (j < sizeof(unsigned int)) && (i + j < n); j++) {
+            out[i + j] = v & 0xff;
+            v = v >> 8;
+        }
+    }
+    return 0;
+#elif defined(JANET_LINUX) || ( defined(JANET_APPLE) && !defined(MAC_OS_X_VERSION_10_7) )
+    /* We should be able to call getrandom on linux, but it doesn't seem
+       to be uniformly supported on linux distros.
+       On Mac, arc4random_buf wasn't available on until 10.7.
+       In these cases, use this fallback path for now... */
+    int rc;
+    int randfd;
+    RETRY_EINTR(randfd, open("/dev/urandom", O_RDONLY | O_CLOEXEC));
+    if (randfd < 0)
+        return -1;
+    while (n > 0) {
+        ssize_t nread;
+        RETRY_EINTR(nread, read(randfd, out, n));
+        if (nread <= 0) {
+            RETRY_EINTR(rc, close(randfd));
+            return -1;
+        }
+        out += nread;
+        n -= nread;
+    }
+    RETRY_EINTR(rc, close(randfd));
+    return 0;
+#elif defined(JANET_BSD) || defined(MAC_OS_X_VERSION_10_7)
+    arc4random_buf(out, n);
+    return 0;
+#else
+    return -1;
+#endif
+}
--- a/src/core/util.h
+++ b/src/core/util.h
@@ -108,6 +108,8 @@ void janet_core_cfuns(JanetTable *env, const char *regprefix, const JanetReg *cf
 int janet_gettime(struct timespec *spec);
 #endif

+#define RETRY_EINTR(RC, CALL) do { (RC) = CALL; } while((RC) < 0 && errno == EINTR)
+
 /* Initialize builtin libraries */
 void janet_lib_io(JanetTable *env);
 void janet_lib_math(JanetTable *env);
--- a/src/include/janet.h
+++ b/src/include/janet.h
@@ -1545,6 +1545,8 @@ JANET_API FILE *janet_dynfile(const char *name, FILE *def);
 JANET_API JanetAbstract janet_checkfile(Janet j);
 JANET_API FILE *janet_unwrapfile(Janet j, int32_t *flags);

+int janet_cryptorand(uint8_t *out, size_t n);
+
 /* Marshal API */
 JANET_API void janet_marshal_size(JanetMarshalContext *ctx, size_t value);
 JANET_API void janet_marshal_int(JanetMarshalContext *ctx, int32_t value);
--- a/src/mainclient/shell.c
+++ b/src/mainclient/shell.c
@@ -1017,6 +1017,23 @@ int main(int argc, char **argv) {
    atexit(norawmode);
 #endif

+#if defined(JANET_PRF)
+    uint8_t hash_key[JANET_HASH_KEY_SIZE + 1];
+#ifdef JANET_REDUCED_OS
+    char *envvar = NULL;
+#else
+    char *envvar = getenv("JANET_HASHSEED");
+#endif
+    if (NULL != envvar) {
+        strncpy((char *) hash_key, envvar, sizeof(hash_key) - 1);
+    } else if (janet_cryptorand(hash_key, JANET_HASH_KEY_SIZE) != 0) {
+        fputs("unable to initialize janet PRF hash function.\n", stderr);
+        return 1;
+    }
+    janet_init_hash_key(hash_key);
+#endif
+
+
    /* Set up VM */
    janet_init();
Author	SHA1	Message	Date
Calvin Rose	9afcec77f6	Disable PRF by default.	2020-08-03 21:52:57 -05:00
Calvin Rose	70ad98cc6f	Fix arc4random_buf implementation.	2020-08-03 21:49:49 -05:00
Calvin Rose	76cfbde933	Add JANET_HASHSEED environment variable.	2020-08-03 20:56:11 -05:00
Calvin Rose	f200bd9594	Merge pull request #455 from andrewchambers/prfseed Initialize PRF with random data when it is enabled.	2020-08-03 20:14:51 -05:00
Andrew Chambers	4d4ca7bb36	Initialize PRF with random data when it is enabled.	2020-08-04 12:13:36 +12:00