[COMMITTED,04/26] ada: Improve documenation about security of PRGNs
Commit Message
From: Johannes Kliemann <kliemann@adacore.com>
The pseudo random number generators used in GNAT are not
suitable for applications that require cryptographic
security. While this was mentioned in some places others
did not have a corresponding note, leading to these
generators being used in a non-suitable context.
gcc/ada/
* doc/gnat_rm/standard_library_routines.rst: Add note to section
of Ada.Numerics.Discrete_Random and Ada.Numerics.Float_Random.
* doc/gnat_rm/the_gnat_library.rst: Add note to section about
GNAT.Random_Numbers.
* libgnat/a-nudira.ads: Add note about cryptographic properties.
* gnat_rm.texi: Regenerate.
* gnat_ugn.texi: Regenerate.
Tested on x86_64-pc-linux-gnu, committed on master.
---
gcc/ada/doc/gnat_rm/standard_library_routines.rst | 6 ++++--
gcc/ada/doc/gnat_rm/the_gnat_library.rst | 4 +++-
gcc/ada/gnat_rm.texi | 10 +++++++---
gcc/ada/gnat_ugn.texi | 2 +-
gcc/ada/libgnat/a-nudira.ads | 2 ++
5 files changed, 17 insertions(+), 7 deletions(-)
@@ -302,12 +302,14 @@ the unit is not implemented.
``Ada.Numerics.Discrete_Random``
This generic package provides a random number generator suitable for generating
- uniformly distributed values of a specified discrete subtype.
+ uniformly distributed values of a specified discrete subtype. It should not be
+ used as a cryptographic pseudo-random source.
``Ada.Numerics.Float_Random``
This package provides a random number generator suitable for generating
- uniformly distributed floating point values in the unit interval.
+ uniformly distributed floating point values in the unit interval. It should not
+ be used as a cryptographic pseudo-random source.
``Ada.Numerics.Generic_Complex_Elementary_Functions``
@@ -1329,7 +1329,9 @@ convenient for use with realtime applications.
.. index:: Random number generation
Provides random number capabilities which extend those available in the
-standard Ada library and are more convenient to use.
+standard Ada library and are more convenient to use. This package is
+however NOT suitable for situations requiring cryptographically secure
+randomness.
.. _`GNAT.Regexp_(g-regexp.ads)`:
@@ -21142,12 +21142,14 @@ build the type @code{Complex} and @code{Imaginary}.
@item @code{Ada.Numerics.Discrete_Random}
This generic package provides a random number generator suitable for generating
-uniformly distributed values of a specified discrete subtype.
+uniformly distributed values of a specified discrete subtype. It should not be
+used as a cryptographic pseudo-random source.
@item @code{Ada.Numerics.Float_Random}
This package provides a random number generator suitable for generating
-uniformly distributed floating point values in the unit interval.
+uniformly distributed floating point values in the unit interval. It should not
+be used as a cryptographic pseudo-random source.
@item @code{Ada.Numerics.Generic_Complex_Elementary_Functions}
@@ -24688,7 +24690,9 @@ convenient for use with realtime applications.
@geindex Random number generation
Provides random number capabilities which extend those available in the
-standard Ada library and are more convenient to use.
+standard Ada library and are more convenient to use. This package is
+however NOT suitable for situations requiring cryptographically secure
+randomness.
@node GNAT Regexp g-regexp ads,GNAT Registry g-regist ads,GNAT Random_Numbers g-rannum ads,The GNAT Library
@anchor{gnat_rm/the_gnat_library gnat-regexp-g-regexp-ads}@anchor{270}@anchor{gnat_rm/the_gnat_library id90}@anchor{39b}
@@ -29670,8 +29670,8 @@ to permit their use in free software.
@printindex ge
-@anchor{d1}@w{ }
@anchor{gnat_ugn/gnat_utility_programs switches-related-to-project-files}@w{ }
+@anchor{d1}@w{ }
@c %**end of body
@bye
@@ -35,6 +35,8 @@
-- Note: the implementation used in this package is a version of the
-- Mersenne Twister. See s-rannum.adb for details and references.
+-- It is suitable for simulations, but should not be used as a cryptographic
+-- pseudo-random source.
with System.Random_Numbers;