#
# spec file for package perl-Crypt-Random-Seed (Version 0.03)
#
# Copyright (c) 124 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

%define cpan_name Crypt-Random-Seed
Name:           perl-Crypt-Random-Seed
Version:        0.03
Release:        0
License:   Artistic-1.0 or GPL-1.0-or-later
Summary:        Provide strong randomness for seeding
Url:            https://metacpan.org/release/%{cpan_name}
Source0:         Crypt-Random-Seed-0.03.tar.gz
BuildArch:      noarch
BuildRequires:  perl
BuildRequires:  perl-macros
BuildRequires:  perl-generators
BuildRequires:  perl(Crypt::Random::TESHA2)
BuildRequires:  perl-generators
Requires:       perl(Crypt::Random::TESHA2)
%{perl_requires}

%description
A simple mechanism to get strong randomness. The main purpose of this
module is to provide a simple way to generate a seed for a PRNG such as
Math::Random::ISAAC, for use in cryptographic key generation, or as the
seed for an upstream module such as Bytes::Random::Secure. Flags for
requiring non-blocking sources are allowed, as well as a very simple method
for plugging in a source.

The randomness sources used are, in order:

* User supplied.

If the constructor is called with a Source defined, then it is used. It is
not checked vs. other flags (NonBlocking, Never, Only).

* Win32 Crypto API.

This will use 'CryptGenRandom' on Windows 2000 and 'RtlGenRand' on Windows
XP and newer. According to MSDN, these are well-seeded CSPRNGs (FIPS 186-2
or AES-CTR), so will be non-blocking.

* EGD / PRNGD.

This looks for sockets that speak the at http://egd.sourceforge.net/
protocol, including at http://prngd.sourceforge.net/. These are userspace
entropy daemons that are commonly used by OpenSSL, OpenSSH, and GnuGP. The
locations searched are '/var/run/egd-pool', '/dev/egd-pool',
'/etc/egd-pool', and '/etc/entropy'. EGD is blocking, while PRNGD is
non-blocking (like the Win32 API, it is really a seeded CSPRNG). However
there is no way to tell them apart, so we treat it as blocking. If your O/S
supports /dev/random, consider at http://www.issihosts.com/haveged/ as an
alternative (a system daemon that refills /dev/random as needed).

* /dev/random.

The strong source of randomness on most UNIX-like systems. Cygwin uses
this, though it maps to the Win32 API. On almost all systems this is a
blocking source of randomness -- if it runs out of estimated entropy, it
will hang until more has come into the system. If this is an issue, which
it often is on embedded devices, running a tool such as at
http://www.issihosts.com/haveged/ will help immensely.

* /dev/urandom.

A nonblocking source of randomness that we label as weak, since it will
continue providing output even if the actual entropy has been exhausted.

* TESHA2.

Crypt::Random::TESHA2 is a Perl module that generates random bytes from an
entropy pool fed with timer/scheduler variations. Measurements and tests
are performed on installation to determine whether the source is considered
strong or weak. This is entirely in portable userspace, which is good for
ease of use, but really requires user verification that it is working as
expected if we expect it to be strong. The concept is similar to
Math::TrulyRandom though updated to something closer to what TrueRand 2.1
does vs. the obsolete version 1 that Math::TrulyRandom implements. It is
very slow and has wide speed variability across platforms : I've seen
numbers ranging from 40 to 150,000 bits per second.

A source can also be supplied in the constructor. Each of these sources
will have its debatable points about perceived strength. E.g. Why is
/dev/urandom considered weak while Win32 is strong? Can any userspace
method such as TrueRand or TESHA2 be considered strong?

%prep
%autosetup  -n %{cpan_name}-%{version}

find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -path "*/scripts/*" ! -name "configure" -print0 | xargs -0 chmod 644

%build
perl Makefile.PL INSTALLDIRS=vendor
%make_build

%check
make test

%install
%perl_make_install
%perl_process_packlist
%perl_gen_filelist

%files -f %{name}.files
%doc Changes examples README TODO
%license LICENSE

%changelog