Securerandom.rb for 1.8

I would like to add securerandom.rb to 1.8 and have cgi/session.rb use
it. What do you think?

This is not limited to cgi/session.rb, but generating a session cookie
requires random numbers that are reasonably secure cryptographically.

However, Ruby currently provides no simple API for obtaining such secure
random numbers, so session cookies sometimes end up being generated by
dubious code whose security is hard to judge.

I think it is better to leave such difficult cryptographic matters to the
specialists, that is, to something external (OpenSSL or /dev/urandom).

Index: lib/securerandom.rb

— lib/securerandom.rb (e$B%j%S%8%g%se(B 0)
+++ lib/securerandom.rb (e$B%j%S%8%g%se(B 0)
@@ -0,0 +1,137 @@
+# = Secure random number generator interface.
+#
+# This library is an interface for secure random number generator which
is
+# suitable for generating session key in HTTP cookies, etc.
+#
+# It supports following secure random number generators.
+#
+# * openssl
+# * /dev/urandom
+#
+# == Example
+#
+# # random hexadecimal string.
+# p SecureRandom.hex(10) #=> “52750b30ffbc7de3b362”
+# p SecureRandom.hex(10) #=> “92b15d6c8dc4beb5f559”
+# p SecureRandom.hex(11) #=> “6aca1b5c58e4863e6b81b8”
+# p SecureRandom.hex(12) #=> “94b2fff3e7fd9b9c391a2306”
+# p SecureRandom.hex(13) #=> “39b290146bea6ce975c37cfc23”
+# …
+#
+# # random base64 string.
+# p SecureRandom.base64(10) #=> “EcmTPZwWRAozdA==”
+# p SecureRandom.base64(10) #=> “9b0nsevdwNuM/w==”
+# p SecureRandom.base64(10) #=> “KO1nIU+p9DKxGg==”
+# p SecureRandom.base64(11) #=> “l7XEiFja+8EKEtY=”
+# p SecureRandom.base64(12) #=> “7kJSM/MzBJI+75j8”
+# p SecureRandom.base64(13) #=> “vKLJ0tXBHqQOuIcSIg==”
+# …
+#
+# # random binary string.
+# p SecureRandom.random_bytes(10) #=> “\016\t{\370g\310pbr\301”
+# p SecureRandom.random_bytes(10) #=> “\323U\030TO\234\357\020\a\337”
+# …
+
+begin

  • require ‘openssl’
    +rescue LoadError
    +end

+module SecureRandom

  • SecureRandom.random_bytes generates a random binary string.

  • The argument n specifies the length of the result string.

  • If n is not specified, 16 is assumed.

  • It may be larger in future.

  • If secure random number generator is not available,

  • NotImplementedError is raised.

  • def self.random_bytes(n=nil)
  • n ||= 16
  • if defined? OpenSSL::Random
  •  return OpenSSL::Random.random_bytes(n)
    
  • end
  • if !defined?(@has_urandom) || @has_urandom
  •  @has_urandom = false
    
  •  flags = File::RDONLY
    
  •  flags |= File::NONBLOCK if defined? File::NONBLOCK
    
  •  flags |= File::NOCTTY if defined? File::NOCTTY
    
  •  flags |= File::NOFOLLOW if defined? File::NOFOLLOW
    
  •  begin
    
  •    File.open("/dev/urandom", flags) {|f|
    
  •      unless f.stat.chardev?
    
  •        raise Errno::ENOENT
    
  •      end
    
  •      @has_urandom = true
    
  •      ret = f.readpartial(n)
    
  •      if ret.length != n
    
  •        raise NotImplementedError, "Unexpected partial read from 
    

random device"

  •      end
    
  •      return ret
    
  •    }
    
  •  rescue Errno::ENOENT
    
  •    raise NotImplementedError, "No random device"
    
  •  end
    
  • end
  • raise NotImplementedError, “No random device”
  • end
  • SecureRandom.hex generates a random hex string.

  • The argument n specifies the length of the random length.

  • The length of the result string is twice of n.

  • If n is not specified, 16 is assumed.

  • It may be larger in future.

  • If secure random number generator is not available,

  • NotImplementedError is raised.

  • def self.hex(n=nil)
  • random_bytes(n).unpack(“H*”)[0]
  • end
  • SecureRandom.base64 generates a random base64 string.

  • The argument n specifies the length of the random length.

  • The length of the result string is about 4/3 of n.

  • If n is not specified, 16 is assumed.

  • It may be larger in future.

  • If secure random number generator is not available,

  • NotImplementedError is raised.

  • def self.base64(n=nil)
  • [random_bytes(n)].pack(“m*”).delete("\n")
  • end
  • SecureRandom.random_number generates a random number.

  • If an positive integer is given as n,

  • SecureRandom.random_number returns an integer:

  • 0 <= SecureRandom.random_number(n) < n.

  • If 0 is given or an argument is not given,

  • SecureRandom.random_number returns an float:

  • 0.0 <= SecureRandom.random_number() < 1.0.

  • def self.random_number(n=0)
  • if 0 < n
  •  hex = n.to_s(16)
    
  •  hex = '0' + hex if (hex.length & 1) == 1
    
  •  bin = [hex].pack("H*")
    
  •  mask = bin[0]
    
  •  mask |= mask >> 1
    
  •  mask |= mask >> 2
    
  •  mask |= mask >> 4
    
  •  begin
    
  •    rnd = SecureRandom.random_bytes(bin.length)
    
  •    rnd[0] = (rnd[0] & mask).chr
    
  •  end until rnd < bin
    
  •  rnd.unpack("H*")[0].hex
    
  • else
  •  # assumption: Float::MANT_DIG <= 64
    
  •  i64 = SecureRandom.random_bytes(8).unpack("Q")[0]
    
  •  Math.ldexp(i64 >> (64-Float::MANT_DIG), -Float::MANT_DIG)
    
  • end
  • end
    +end
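
Review bot: in random_bytes, a short read from /dev/urandom (`ret.length != n` after `f.readpartial(n)`) raises NotImplementedError, the same exception used for "No random device", so a caller cannot tell a transient partial read from a missing generator; reading in a loop until n bytes have arrived, or raising a distinct error, would avoid that. In the same method only Errno::ENOENT is rescued after `@has_urandom = false` has been set, so any other failure to open the device escapes as a different exception on the first call and shows up as "No random device" on later calls. The comments for hex and base64 say "the length of the random length", which should probably read "the number of random bytes".
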
    Index: lib/cgi/session.rb
    ===================================================================
    — lib/cgi/session.rb (e$B%j%S%8%g%se(B 13603)
    +++ lib/cgi/session.rb (e$B:n6H%3%T!<e(B)
    @@ -174,16 +174,22 @@

    is used internally for automatically generated

    session ids.

    def create_new_id
  •  require 'digest/md5'
    
  •  md5 = Digest::MD5::new
    
  •  now = Time::now
    
  •  md5.update(now.to_s)
    
  •  md5.update(String(now.usec))
    
  •  md5.update(String(rand(0)))
    
  •  md5.update(String($$))
    
  •  md5.update('foobar')
    
  •  require 'securerandom'
    
  •  begin
    
  •    session_id = SecureRandom.hex(16)
    
  •  rescue NotImplementedError
    
  •    require 'digest/md5'
    
  •    md5 = Digest::MD5::new
    
  •    now = Time::now
    
  •    md5.update(now.to_s)
    
  •    md5.update(String(now.usec))
    
  •    md5.update(String(rand(0)))
    
  •    md5.update(String($$))
    
  •    md5.update('foobar')
    
  •    session_id = md5.hexdigest
    
  •  end
     @new_session = true
    
  •  md5.hexdigest
    
  •  session_id
    
    end
    private :create_new_id
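
Review bot: the `rescue NotImplementedError` branch in create_new_id silently falls back to the previous MD5 of the time, `rand(0)`, `$$` and 'foobar', so on a system with neither OpenSSL nor /dev/urandom the session id is built from the same guessable inputs as before and nothing tells the operator. Consider emitting a warning in that branch, or letting the error propagate, so the weak path is not taken unnoticed. `require 'securerandom'` could also move to the top of the file rather than run on every call.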

At Wed, 3 Oct 2007 12:49:20 +0900,
Tanaka A. wrote:

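> I would like to add securerandom.rb to 1.8 and have cgi/session.rb use
> it. What do you think?

I think it is a good idea. The library name is explicit and makes sense
to me. However, it bothers me that some method names carry the random_
prefix and some do not.

I read the discussion on ruby-dev, but I could not trace how the method
names were decided. Would something like this be no good?

random_number(i) → integer
random_number(f=1.0) → float
random_bytes(n) → binary_string / string
hex(n) → hex_string
base64(n) → base64_string

> This is not limited to cgi/session.rb, but generating a session cookie
> requires random numbers that are reasonably secure cryptographically.
>
> However, Ruby currently provides no simple API for obtaining such secure
> random numbers, so session cookies sometimes end up being generated by
> dubious code whose security is hard to judge.
>
> I think it is better to leave such difficult cryptographic matters to the
> specialists, that is, to something external (OpenSSL or /dev/urandom).

I agree. I think there are many situations where it would be useful.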


/
/__ __ Akinori.org / MUSHA.org
/ ) ) ) ) / FreeBSD.org / Ruby-lang.org
Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp

“Different eyes see different things,
Different hearts beat on different strings –
But there are times for you and me when all such things agree”

In article [email protected],
“Akinori MUSHA” [email protected] writes:

> hex(n) → hex_string
> base64(n) → base64_string

random_number is compatible with rand; the intent is that code which was
using rand in a case where SecureRandom is appropriate can be rewritten
mechanically. But it is not something I particularly recommend, and I
would rather people use hex or base64, which is why it has a long name.

integer might be worth having, but I feel its uses would be rather more
specialized than things like session ids. I think it would not be too late
to add it after someone knowledgeable has argued for its necessity.

As for float, I cannot really think of a use for it (other than the
rewriting mentioned above).

random_bytes comes from OpenSSL::Random.random_bytes. I did consider
making it bytes, but as in [ruby-dev:31515], IO#bytes and Random#bytes
would differ, so I was unsure what to do; and since random_bytes itself
does not need to be that easy to use, it has stayed as it is.

I think binary_string and string are possible as aliases.

hex and base64 are short on purpose. It signals a recommendation to use
these.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Let me offer some information about the Random class that was being
prepared for 1.9: Tanaka-san and I had agreed on it, opinions were
solicited and summarized on ruby-core, and it was implemented with help
from Nakada-san and usa-san, but it was stopped (※) by the objection of
Matsumoto-san alone, for the unclear reason "I wonder how it would be if
srand were removed".

Tanaka A. wrote:

> > hex(n) -> hex_string
>
> As for float, I cannot really think of a use for it (other than the
> rewriting mentioned above).

In the Random class, this is what was Random#rand. That naming was
proposed with priority on ease of migration.

There is no need to encourage migration from rand() to SecureRandom more
than necessary, so I am not attached to the name rand. From the viewpoint
that there is no need to encourage migration, perhaps random_number is
not needed at all.

> random_bytes comes from OpenSSL::Random.random_bytes. I did consider
> making it bytes, but as in [ruby-dev:31515], IO#bytes and Random#bytes
> would differ, so I was unsure what to do; and since random_bytes itself
> does not need to be that easy to use, it has stayed as it is.

OpenSSL::Random.random_bytes does not seem to be a method that was
designed with much thought either, so I do not think it amounts to much of
an origin (incidentally, the OpenSSL function name is RAND_bytes()).
Perhaps Mikaroko, who first implemented it, also thought, as Tanaka-san
points out, that "bytes might be too simple".

That said, personally hex and base64 do not really click with me (see
below), so I would like to give it the short name SecureRandom.bytes and
make that the recommended one. Something like
SecureRandom.random_bytes(256/8) is sadly long.

> I think binary_string and string are possible as aliases.

(There is not much point in thinking about 1.9 here, but) the name string
seems likely to cause confusion.

> hex and base64 are short on purpose. It signals a recommendation to use
> these.

For my part, hex and base64 do not really click with me, for the following
reasons.

  1. hex and base64 are encoding formats, and their connection to the
     essence of the class, "cryptographically strong random numbers", is
     weak.

  2. I have never seen anything like that in existing random number APIs.
     Though the ones I know are only about Java, .NET, python and PKCS#11.

Well, 2 is not something to put much weight on, and I do understand the
argument that "most people are going to hex or base64 it anyway". I will
not object, given that there are people who want them, but making them the
recommendation, hmm.

(※) I am holding quite a grudge about this.


This is Yukihiro Matsumoto.

In message “Re: [ruby-dev:31993] Re: securerandom.rb for 1.8”
on Tue, 9 Oct 2007 22:43:01 +0900, “NAKAMURA, Hiroshi”
[email protected] writes:

|Let me offer some information about the Random class that was being
|prepared for 1.9: Tanaka-san and I had agreed on it, opinions were
|solicited and summarized on ruby-core, and it was implemented with help
|from Nakada-san and usa-san, but it was stopped (※) by the objection of
|Matsumoto-san alone, for the unclear reason "I wonder how it would be if
|srand were removed".

Well, I do not recall objecting to the Random class itself. I only asked
whether, supposing the Random class is introduced, it is necessary to
remove the existing srand and the like. I am unhappy to have that
described as "an objection by me alone with an unclear reason".

Though I may have spoiled the flow of the discussion.

                            Yukihiro Matsumoto /:|)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yukihiro M. wrote:

> |Let me offer some information about the Random class that was being
> |prepared for 1.9: Tanaka-san and I had agreed on it, opinions were
> |solicited and summarized on ruby-core, and it was implemented with help
> |from Nakada-san and usa-san, but it was stopped (※) by the objection of
> |Matsumoto-san alone, for the unclear reason "I wonder how it would be if
> |srand were removed".
>
> Well, I do not recall objecting to the Random class itself. I only asked
> whether, supposing the Random class is introduced, it is necessary to
> remove the existing srand and the like. I am unhappy to have that
> described as "an objection by me alone with an unclear reason".

Did I not answer that? It is [ruby-dev:31555]. Perhaps it could not be
read as going so far as saying removal is necessary. In fact, that work
was being done for the purpose of "removing things that modify global
state".

I am sorry about your dissatisfaction, but in fact, apart from
Matsumoto-san's

| Oh, were we getting rid of srand? My understanding was that the one
| taking no arguments would be kept. I wonder how it would be if it were
| removed completely.

there should have been no other objection. I wrote my counter-argument to
it and a compromise proposal in [ruby-dev:31555]. The only person with
whom the discussion continued was also Matsumoto-san. So for my part, I am
not yet at the point of retracting "stopped by the objection of
Matsumoto-san alone, for the unclear reason 'I wonder how it would be if
srand were removed'".


This is Yukihiro Matsumoto.

In message “Re: [ruby-dev:31997] Re: securerandom.rb for 1.8”
on Tue, 9 Oct 2007 23:55:13 +0900, “NAKAMURA, Hiroshi”
[email protected] writes:

|Did I not answer that? It is [ruby-dev:31555]. Perhaps it could not be
|read as going so far as saying removal is necessary. In fact, that work
|was being done for the purpose of "removing things that modify global
|state".

Well, that was indeed written there, but I could not fully read the
motivation from it. It is the "why do you want to remove it" part. Perhaps
it was assumed to be obvious without saying, but I have not been given a
proper explanation. Nothing more than "we can do without it, right?". Or
perhaps I am overlooking something (quite possible).

|I am sorry about your dissatisfaction, but in fact, apart from
|Matsumoto-san's
|
|| Oh, were we getting rid of srand? My understanding was that the one
|| taking no arguments would be kept. I wonder how it would be if it were
|| removed completely.
|
|there should have been no other objection. I wrote my counter-argument to
|it and a compromise proposal in [ruby-dev:31555]. The only person with
|whom the discussion continued was also Matsumoto-san. So for my part, I am
|not yet at the point of retracting "stopped by the objection of
|Matsumoto-san alone, for the unclear reason 'I wonder how it would be if
|srand were removed'".

I did hear the counter-argument. I do not think that mail contained any
compromise, though. If we are going to talk about that, [ruby-dev:31174]
said

  For example, if there is something like "anything that abolishes srand
  will not go in", I will change direction, so please tell me early.

whereas [ruby-dev:31555] said

  So my position is: "srand without arguments is not needed. If
  compatibility is to be emphasized, then also keep srand with an argument
  and issue a warning. But I dislike warnings." Objections welcome.

and with that, the seed of a "change of direction" was abruptly tossed
aside. I myself do not think whether srand is kept is all that important,
but with the discussion going this way, I think what actually happened is
that I left it unattended while I was puzzling over how to respond.

In a situation of "compatibility should be maintained as far as possible"
versus "we would not miss it much", I feel I would want to choose the
former. But I do not think compatibility is very important in this matter,
so if there is a "motivation for removing it" that I overlooked, I am not
unwilling to accept it.

                            Yukihiro Matsumoto /:|)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yukihiro M. wrote:

> |Did I not answer that? It is [ruby-dev:31555]. Perhaps it could not be
> |read as going so far as saying removal is necessary. In fact, that work
> |was being done for the purpose of "removing things that modify global
> |state".
>
> Well, that was indeed written there, but I could not fully read the
> motivation from it. It is the "why do you want to remove it" part.
> Perhaps it was assumed to be obvious without saying, but I have not been
> given a proper explanation. Nothing more than "we can do without it,
> right?". Or perhaps I am overlooking something (quite possible).

I see. I wish you had said so. Then, if I come to want to reopen the
discussion on introducing Random, I will pick the motivation parts out of
the threads and organize them. The origin should be the initial
conversation with Tanaka-san about secrand.rb. Around [ruby-dev:30944]
(6/9) and [ruby-dev:30963] (6/12), perhaps?

OT:
Right now RubyGems and Rake take priority. I am waiting for replies to
[ruby-dev:31970] and [ruby-dev:31972]. The ruby-core discussion is also on
hold because of that. If it is a case of "not sure how to reply", please
tell me what is unclear and what you are undecided about.

> I did hear the counter-argument. I do not think that mail contained any
> compromise, though.
> and with that, the seed of a "change of direction" was abruptly tossed
> aside. I myself do not think whether srand is kept is all that important,
> but with the discussion going this way, I think what actually happened is
> that I left it unattended while I was puzzling over how to respond.

This is the same as the point above, but since "removing things that
modify global state" was the premise, the warning was meant as a change of
direction. I think it would have been fine to point out that this is a
poor approach, but there was no such comment from Matsumoto-san.

Also, I was kept waiting quite long enough from "I am going to abolish
srand, is that really all right?" in [ruby-dev:31174] (7/10) until "Oh,
were we getting rid of srand?" in [ruby-dev:31545] (8/21), so I am unhappy
to be told "with the discussion going this way". What on earth should I
have done?

Well, Tanaka-san would probably laugh at me for making a fuss over a mere
month or so.

> In a situation of "compatibility should be maintained as far as possible"
> versus "we would not miss it much", I feel I would want to choose the
> former. But I do not think compatibility is very important in this
> matter, so if there is a "motivation for removing it" that I overlooked,
> I am not unwilling to accept it.

Then, once the RubyGems, Rake and CSV matters are settled, if there still
seems to be time for 1.9.1, I will bring it up again. I would not mind if
someone else brought it up again, but I suppose there is no one.


In article [email protected],
“NAKAMURA, Hiroshi” [email protected] writes:

> I see. I wish you had said so. Then, if I come to want to reopen the
> discussion on introducing Random, I will pick the motivation parts out of
> the threads and organize them. The origin should be the initial
> conversation with Tanaka-san about secrand.rb. Around [ruby-dev:30944]
> (6/9) and [ruby-dev:30963] (6/12), perhaps?

My view on srand is written in the referenced [ruby-dev:30963]: it would
be fine to abolish srand "after Random has gone into a stable version of
ruby that ordinary people use".

So I do not necessarily agree with nahi-san's decision to do it at this
point.

Well, if nahi-san does so on his own judgment, it is not something I would
go so far as to oppose.

In article [email protected],
“NAKAMURA, Hiroshi” [email protected] writes:

> In the Random class, this is what was Random#rand. That naming was
> proposed with priority on ease of migration.
>
> There is no need to encourage migration from rand() to SecureRandom more
> than necessary, so I am not attached to the name rand. From the viewpoint
> that there is no need to encourage migration, perhaps random_number is
> not needed at all.

It needs to be encouraged to the extent that it is needed, so I do not
think it is unnecessary.

> OpenSSL::Random.random_bytes does not seem to be a method that was
> designed with much thought either, so I do not think it amounts to much
> of an origin (incidentally, the OpenSSL function name is RAND_bytes()).
> Perhaps Mikaroko, who first implemented it, also thought, as Tanaka-san
> points out, that "bytes might be too simple".

What is "Mikaroko"?

> That said, personally hex and base64 do not really click with me (see
> below), so I would like to give it the short name SecureRandom.bytes and
> make that the recommended one. Something like
> SecureRandom.random_bytes(256/8) is sadly long.

Is generating a binary string really used that much?
I expect it will not be used much.

> > I think binary_string and string are possible as aliases.
>
> (There is not much point in thinking about 1.9 here, but) the name string
> seems likely to cause confusion.

How does it relate to 1.9?

The version will go up sooner or later, so if you have concerns, please
tell me.

> For my part, hex and base64 do not really click with me, for the
> following reasons.
>
>   1. hex and base64 are encoding formats, and their connection to the
>      essence of the class, "cryptographically strong random numbers", is
>      weak.

There is a strong connection in the session id use case.

To design an easy-to-use library, it is important to support the expected
use cases well.

>   2. I have never seen anything like that in existing random number APIs.
>      Though the ones I know are only about Java, .NET, python and PKCS#11.
>
> Well, 2 is not something to put much weight on, and I do understand the
> argument that "most people are going to hex or base64 it anyway". I will
> not object, given that there are people who want them, but making them
> the recommendation, hmm.

Why do you want to recommend random_bytes?
Would recommending it make things more convenient than hex or base64?

At Tue, 9 Oct 2007 20:09:21 +0900,
Tanaka A. wrote:

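> > random_number(i) → integer
> > random_number(f=1.0) → float
> > random_bytes(n) → binary_string / string
> > hex(n) → hex_string
> > base64(n) → base64_string
>
> random_number is compatible with rand; the intent is that code which was
> using rand in a case where SecureRandom is appropriate can be rewritten
> mechanically. But it is not something I particularly recommend, and I
> would rather people use hex or base64, which is why it has a long name.

I see. Well, calls without an argument are easy to detect, so I feel that
splitting it into separate methods would not be much of an obstacle to
replacement, but let's leave it as is for now.

> integer might be worth having, but I feel its uses would be rather more
> specialized than things like session ids. I think it would not be too
> late to add it after someone knowledgeable has argued for its necessity.
>
> As for float, I cannot really think of a use for it (other than the
> rewriting mentioned above).

I agree.

> random_bytes comes from OpenSSL::Random.random_bytes. I did consider
> making it bytes, but as in [ruby-dev:31515], IO#bytes and Random#bytes
> would differ, so I was unsure what to do; and since random_bytes itself
> does not need to be that easy to use, it has stayed as it is.

Understood.

> I think binary_string and string are possible as aliases.

Being able to call something named bytes also string is not good after
all, and if we are going to say binary_string then random_bytes will do,
so I withdraw that.

> hex and base64 are short on purpose. It signals a recommendation to use
> these.

It does not seem to be something used in many places, so I think longer
names would be fine too, but I do not think they will cause
misunderstanding, so I am convinced.

I feel it would be fine for String#hexencode and String#base64encode to
exist as built-ins, but that is another story.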


/
/__ __ Akinori.org / MUSHA.org
/ ) ) ) ) / FreeBSD.org / Ruby-lang.org
Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp

“Different eyes see different things,
Different hearts beat on different strings –
But there are times for you and me when all such things agree”

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tanaka A. wrote:

> > In the Random class, this is what was Random#rand. That naming was
> > proposed with priority on ease of migration.
> >
> > There is no need to encourage migration from rand() to SecureRandom
> > more than necessary, so I am not attached to the name rand. From the
> > viewpoint that there is no need to encourage migration, perhaps
> > random_number is not needed at all.
>
> It needs to be encouraged to the extent that it is needed, so I do not
> think it is unnecessary.

I see. It is a difference in how we perceive the necessity.

People who really ought to be using cryptographically strong random
numbers, I want to migrate. That is OK. People who wanted a reproducible
random number sequence cannot migrate. That is OK too.

Other users of random numbers, I would like to migrate to the 1.9 Random
class (eventually). So I think there is no need for them to force a
migration to SecureRandom. But since the Random class will probably never
go into 1.8, I suppose they have no choice but to migrate to
SecureRandom...

It was not that strong an intention, so I withdraw "perhaps it is not
needed".

> > OpenSSL::Random.random_bytes does not seem to be a method that was
> > designed with much thought either, so I do not think it amounts to much
> > of an origin (incidentally, the OpenSSL function name is RAND_bytes()).
> > Perhaps Mikaroko, who first implemented it, also thought, as Tanaka-san
> > points out, that "bytes might be too simple".
>
> What is "Mikaroko"?

Sorry, that was jargon. Michal Rokos. He is the person who first
implemented ext/openssl.

> > That said, personally hex and base64 do not really click with me (see
> > below), so I would like to give it the short name SecureRandom.bytes
> > and make that the recommended one. Something like
> > SecureRandom.random_bytes(256/8) is sadly long.
>
> Is generating a binary string really used that much?
> I expect it will not be used much.

In my uses of OpenSSL::Random.random_bytes, I hardly ever turn the result
into hex or base64; I use it directly as a shared key, or treat it as a
big integer and convert it into a big-integer representation such as
MPI(*).

(*) A format defined in OpenPGP.

So to someone like me, using hex or base64 "as secure random" does not
click. Have I ever done it? Not that I remember.

I think the difference in perception between Tanaka-san and me here has
continued since around [ruby-dev:30939] and [ruby-dev:30940]. What bothers
me is adding methods to the secure random class for the sake of one use of
secure random, namely generating session ids. I understand the need for
the methods, and I also agree with bundling this as a standard library. If
it lived inside cgi/session.rb, or were named sessionidgenerator.rb, it
would not bother me.

The name is long, though.

> > > I think binary_string and string are possible as aliases.
> > (There is not much point in thinking about 1.9 here, but) the name
> > string seems likely to cause confusion.
>
> How does it relate to 1.9?
>
> The version will go up sooner or later, so if you have concerns, please
> tell me.

Sorry for the insufficient explanation. In 1.9, with a method named
string, I felt it would seem to return a string carrying a non-binary
encoding.

> > For my part, hex and base64 do not really click with me, for the
> > following reasons.
> >
> >   1. hex and base64 are encoding formats, and their connection to the
> >      essence of the class, "cryptographically strong random numbers",
> >      is weak.
>
> There is a strong connection in the session id use case.
>
> To design an easy-to-use library, it is important to support the expected
> use cases well.

As I wrote above, I can understand that they are convenient for the
session id generation use case.

> >   2. I have never seen anything like that in existing random number
> >      APIs. Though the ones I know are only about Java, .NET, python and
> >      PKCS#11.
> >
> > Well, 2 is not something to put much weight on, and I do understand the
> > argument that "most people are going to hex or base64 it anyway". I
> > will not object, given that there are people who want them, but making
> > them the recommendation, hmm.
>
> Why do you want to recommend random_bytes?
> Would recommending it make things more convenient than hex or base64?

I did not have much intention of recommending bytes. It is only that I
hope recommending hex and base64 does not lead to cases such as taking
something obtained with SecureRandom.base64, base64-decoding it and using
it as a shared key.


In article [email protected],
“NAKAMURA, Hiroshi” [email protected] writes:

> > What is "Mikaroko"?
>
> Sorry, that was jargon. Michal R. He is the person who first implemented
> ext/openssl.

I see.

> In my uses of OpenSSL::Random.random_bytes, I hardly ever turn the result
> into hex or base64; I use it directly as a shared key, or treat it as a
> big integer and convert it into a big-integer representation such as
> MPI(*).
>
> (*) A format defined in OpenPGP.

Hmm. Concrete uses like that are helpful.

> I think the difference in perception between Tanaka-san and me here has
> continued since around [ruby-dev:30939] and [ruby-dev:30940]. What
> bothers me is adding methods to the secure random class for the sake of
> one use of secure random, namely generating session ids. I understand the
> need for the methods, and I also agree with bundling this as a standard
> library. If it lived inside cgi/session.rb, or were named
> sessionidgenerator.rb, it would not bother me.

Well, we follow the large-class principle, so as long as the method names
are not easy to mistake, I think it is fine to have a variety of
functionality.

> I did not have much intention of recommending bytes. It is only that I
> hope recommending hex and base64 does not lead to cases such as taking
> something obtained with SecureRandom.base64, base64-decoding it and using
> it as a shared key.

Comparing the following three, SecureRandom.random_bytes is the shortest,
so even though base64 and hex themselves are short, I do not think there
is much concern that people will go out of their way to use those.

  • SecureRandom.random_bytes
  • SecureRandom.base64.unpack("m")[0]
  • [SecureRandom.hex].pack("H*")

In article [email protected],
“Akinori MUSHA” [email protected] writes:

> > I think binary_string and string are possible as aliases.
>
> Being able to call something named bytes also string is not good after
> all, and if we are going to say binary_string then random_bytes will do,
> so I withdraw that.

Well, if a good name is found, an alias can be added later.

If that name is shorter than the 12 characters of random_bytes, we will
not have to regret too much that the name random_bytes remains, so let's
think about it again if something comes to mind.

So, I have committed it.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tanaka A. wrote:

e$B$J$k$[$I!#$=$&8@$C$F$/$l$l$P$$$$$N$K!#$G$O!"$b$7e(BRandome$BF3F~$N5DO@$r:F3+$7e(B
e$B$?$/$J$C$?>l9g$K$O!"%9%l%C%I$+$iF05!$NItJ,$r=&$C$F$-$F@0M}$7$^$9!#:G=ie(B
e$B$N!"EDCf$5$s$H$Ne(Bsecrand.rbe$B$K4X$9$kOC$,860x$N$O$:!#e(B
[ruby-dev:30944]e$B!Je(B6/9e$B!K!“e(B[ruby-dev:30963]e$B!Je(B6/12e$B!K$”$?$j$+$Je(B?

srand e$B$K4X$9$k;d$N9M$($O;2>H$5$l$F$$$ke(B [ruby-dev:30963] e$B$K=qe(B
e$B$$$F$"$j$^$9$,!"!VIaDL$N?M$,;H$C$F$$$k0BDjHGe(B ruby e$B$Ke(B Random
e$B$,F~$C$?8e$G!We(Bsrand e$B$rGQ;_$9$k$N$b$$$$$@$m$&!"$H$$$&$b$N$G$9!#e(B

e$B$*$C$7$c$kDL$j$G$9!#!V;d$HEDCf$5$s$,9g0U$7!W$H$+=q$$$?%a!<%k$N8e$G=q$/e(B
e$BFbMF$H$7$F$OE,@Z$G$O$"$j$^$;$s$G$7$?!#e(B

So I do not necessarily agree with Nahi-san's decision to do it at this
point.

Well, if Nahi-san does so on his own judgment, it is not something I would
go so far as to oppose.

I hope the discussion makes it in time for 1.9.1.


This is Yukihiro Matsumoto.

In message “Re: [ruby-dev:32001] Re: securerandom.rb for 1.8”
on Wed, 10 Oct 2007 07:10:07 +0900, “NAKAMURA, Hiroshi”
[email protected] writes:

|> Well, that was written there, but I could not fully read the motivation
|> from it. It is the "why do you want to remove it" part. Perhaps it was
|> thought that I would understand without being told, but I have not had it
|> properly explained. Only something like "we can do without it, right?".
|> Or maybe I am overlooking it (quite possible).
|
|I see. You could have just said so.

I am sorry. I was not fully aware of it myself either.

|This is the same as the topic above, but since "remove things that change
|global state" was the premise, the warning was meant as a course correction.
|I think it would be fine to point out that this is a poor approach, but there
|was no such remark from Matsumoto-san.

I am sorry that "there was no remark". I was not following the discussion
closely enough. And to begin with, I did not share the premise "remove things
that change global state". I myself was in favor of turning random number
sequences into objects, but I had no motivation (other than that it is
cleaner) to go as far as "not changing global state".

|Also, I was kept waiting quite long enough, from "I am going to abolish srand,
|is that really OK?" in [ruby-dev:31174] (7/10) to "Wait, were we getting rid
|of srand?" in [ruby-dev:31545] (8/21), so I am unhappy to be told "with this
|kind of flow". What on earth should I have done?

It is late to say this now, but I think it would have been good if you had
made clear once more the point of "why it should be removed". I shared the
premise even less than Nahi-san imagined.

|Then, once the RubyGems, Rake and CSV matters are settled, if it still looks
|like it can make 1.9.1, I will bring it up again. I would not mind if someone
|else brought it up again, but I suppose there is no one.

I will be waiting.

|OT: RubyGems and Rake have priority right now. I am waiting for replies to
|[ruby-dev:31970] and [ruby-dev:31972]. I have also put the ruby-core
|discussion on hold for that. If it is a case of "how on earth do I reply to
|this", please tell me what is unclear and what you are unsure about.

Then I will reply later.

                            Yukihiro Matsumoto /:|)

This is Yukihiro Matsumoto.

In message “Re: [ruby-dev:32067] Re: securerandom.rb for 1.8”
on Mon, 15 Oct 2007 23:16:36 +0900, “NAKAMURA, Hiroshi”
[email protected] writes:

|Matsumoto-san, how about the Rake topic in [ruby-dev:31972]? I expect that
|you probably cannot decide either way yet, but if that is the case,

I can understand the need to use rake for builds. In that case, I think it may
be fine to bundle it. And as far as I can tell from the explanations by
Nahi-san and others, it sounds as though there are no disadvantages. Is that
understanding correct?


Yukihiro M. wrote:

|OT: RubyGems and Rake have priority right now. I am waiting for replies to
|[ruby-dev:31970] and [ruby-dev:31972]. I have also put the ruby-core
|discussion on hold for that. If it is a case of "how on earth do I reply to
|this", please tell me what is unclear and what you are unsure about.

Then I will reply later.

Matsumoto-san, how about the Rake topic in [ruby-dev:31972]? I expect that
you probably cannot decide either way yet, but if that is the case,

This time on ruby-core I have not asked in the form "who is in favor of
bundling?". If necessary, I will raise the discussion on ruby-core as: "There
was a misunderstanding by the core team about bundling Rake as standard.
Matsumoto-san says he wants to think again about the merits and demerits of
bundling Rake as standard. What do you think?"

may be what we should do. My apologies to Jim, though.
