51a3d0603c
`DefaultCsprng` is documented as a cryptographically secure RNG. While `ISAAC` is a CSPRNG, the variant we have, `ISAAC64` is not. A 64 bit seed is a bit small to satisfy that claim. We also saw it being used with the current date as a seed, that also defeats the point of a CSPRNG. Set `DefaultCsprng` to `Gimli` instead of `ISAAC64`, rename the parameter from `init_s` to `secret_seed` + add a comment to clarify what kind of seed is expected here. Instead of directly touching the internals of the Gimli implementation (which can change/be architecture-specific), add an `init()` function to the state. Our Gimli-based CSPRNG was also not backtracking resistant. Gimli is a permutation; it can be reverted. So, if the state was ever leaked, future secrets, but also all the previously generated ones could be recovered. Clear the rate after a squeeze in order to prevent this. Finally, a dumb test was added just to exercise `DefaultCsprng` since we don't use it anywhere.
A general-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
Resources
- Introduction
- Download & Documentation
- Chapter 0 - Getting Started | ZigLearn.org
- Community
- Contributing
- Code of Conduct
- Frequently Asked Questions
- Community Projects
Building from Source
Note that you can download a binary of master branch or install Zig from a package manager.
Stage 1: Build Zig from C++ Source Code
This step must be repeated when you make changes to any of the C++ source code.
Dependencies
POSIX
- cmake >= 2.8.5
- gcc >= 5.0.0 or clang >= 3.6.0
- LLVM, Clang, LLD development libraries == 11.x, compiled with the same gcc or clang version above
- Use the system package manager, or build from source.
Windows
- cmake >= 3.15.3
- Microsoft Visual Studio. Supported versions:
- 2017 (version 15.8)
- 2019 (version 16)
- LLVM, Clang, LLD development libraries == 11.x
- Use the pre-built binaries or build from source.
Instructions
POSIX
mkdir build
cd build
cmake ..
make install
Need help? Troubleshooting Build Issues
MacOS
brew install cmake llvm
brew outdated llvm || brew upgrade llvm
mkdir build
cd build
cmake .. -DCMAKE_PREFIX_PATH=$(brew --prefix llvm)
make install
Windows
See https://github.com/ziglang/zig/wiki/Building-Zig-on-Windows
Stage 2: Build Self-Hosted Zig from Zig Source Code
Now we use the stage1 binary:
zig build --prefix $(pwd)/stage2 -Denable-llvm
This produces stage2/bin/zig which can be used for testing and development.
Once it is feature complete, it will be used to build stage 3 - the final compiler
binary.
Stage 3: Rebuild Self-Hosted Zig Using the Self-Hosted Compiler
Note: Stage 2 compiler is not yet able to build Stage 3. Building Stage 3 is not yet supported.
Once the self-hosted compiler can build itself, this will be the actual compiler binary that we will install to the system. Until then, users should use stage 1.
Debug / Development Build
stage2/bin/zig build
This produces zig-cache/bin/zig.
Release / Install Build
stage2/bin/zig build install -Drelease
License
The ultimate goal of the Zig project is to serve users. As a first-order effect, this means users of the compiler, helping programmers to write better code. Even more important, however, are the end users.
Zig is intended to be used to help end users accomplish their goals. For example, it would be inappropriate and offensive to use Zig to implement dark patterns and it would be shameful to utilize Zig to exploit people instead of benefit them.
However, such problems are best solved with social norms, not with software licenses. Any attempt to complicate the software license of Zig would risk compromising the value Zig provides to users.
Therefore, Zig is available under the MIT (Expat) License, and comes with a humble request: use it to make software better serve the needs of end users.