Skip to content

Addutional FIPS DRBG (deterministic random bit generator) limit changes#344

Merged
corporate-gadfly merged 4 commits into
OpenVoxProject:mainfrom
jpartlow:fips-drbg-limits
Jun 25, 2026
Merged

Addutional FIPS DRBG (deterministic random bit generator) limit changes#344
corporate-gadfly merged 4 commits into
OpenVoxProject:mainfrom
jpartlow:fips-drbg-limits

Conversation

@jpartlow

@jpartlow jpartlow commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Pull Request (PR) description

Builds on changes from #343

  • Move random-ascii-string into the random.clj namespace so that it is contained with the rest of the random functions there.
  • Extract chunk-random-string in random.clj from near identical alphabetic-string and random-ascii-string.
  • Use random-ascii-string in benchmark.clj as well, where there was one other use of RandomStringUtils.nextAscii() that could have hit similar FIPS limits
  • Adds a few test cases for the changed functions
  • Corrects a couple of bugs in two of the existing random.clj random string functions

This Pull Request (PR) fixes the following issues

jpartlow added 4 commits June 25, 2026 14:15
@jpartlow
Move random-ascii-string into the random.clj namespace
24d9345 
So that it is contained with the rest of the random functions there.

Signed-off-by: Josh Partlow <jpartlow@glatisant.org>
@jpartlow
Fix a bug in random-string-alpha/0
173de8b 
Formerly the 0-arity case wasn't lowercasing.

Also update random-string to use alphabetic-string for it's 0-arity case
to keep it inline with the 1-arity case.

Signed-off-by: Josh Partlow <jpartlow@glatisant.org>
@jpartlow
Extract chunk-random-string in random.clj
802a0de 
...from near identical alphabetic-string and random-ascii-string.

Also adds a bit of test coverage for these functions and some of their
adjacents.

Signed-off-by: Josh Partlow <jpartlow@glatisant.org>
@jpartlow
Use random-ascii-string in benchmark.clj as well
81265f1 
Fixes another area where FIPS DRBG per-request-limits could crop up in
benchmark.clj. RandomStringUtils is only referenced in random.clj now.

Signed-off-by: Josh Partlow <jpartlow@glatisant.org>
corporate-gadfly
corporate-gadfly approved these changes Jun 25, 2026
View reviewed changes

@corporate-gadfly corporate-gadfly left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nicely done! Squashing these commit will be the cherry on top.

@jpartlow

jpartlow commented Jun 25, 2026

Copy link
Copy Markdown
Contributor Author

These four I'd leave as is. They're logically isolated and if a problem arises from something done here, it should track back to a fairly singular commit.

@corporate-gadfly corporate-gadfly merged commit 7397b9a into OpenVoxProject:main Jun 25, 2026
10 checks passed
@jpartlow jpartlow deleted the fips-drbg-limits branch June 25, 2026 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@corporate-gadfly corporate-gadfly corporate-gadfly approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jpartlow @corporate-gadfly