[Cryptography] OpenSSL and random
Theodore Ts'o
tytso at mit.edu
Fri Dec 2 12:40:43 EST 2016
On Thu, Dec 01, 2016 at 09:47:02PM -0600, Nico Williams wrote:
> On Thu, Dec 01, 2016 at 09:42:59PM -0500, Theodore Ts'o wrote:
> > On Thu, Dec 01, 2016 at 06:39:46PM -0600, Nico Williams wrote:
> > > It might be nice to get an indication of entropy quality from the OS.
> > > At minimum a boolean (true -> real entropy, false -> meh entropy).
> > > _Perhaps_ also an indication of when was the last time new entropy was
> > > stirred in. (Anything more would be overkill and hard to use well.)
> >
> > We do give such an indication. For example:
> >
> > random: systemd: uninitialized urandom read (16 bytes read, 3 bits of entropy available)
>
> I meant: in the API. A dmesg does the app no good.
>
> Python could use lame rng seeds for hash table randomization, note the
> lameness, and reseed later when a cryptographically-secure rng is
> needed.
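
The application can do this already using the existing APIs.

#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/random.h>

int get_pseudorandom_hash(char *buf, int buflen)
{
	int fd, ret;

	/* getrandom() returns the number of bytes written, not 0, on success */
	ret = getrandom(buf, buflen, GRND_NONBLOCK);
	if (ret == buflen)
		return 0;
	if (ret < 0 && errno != EAGAIN)
		return -1;
	/* EAGAIN (pool not yet initialized) or short read: use /dev/urandom */
	fd = open("/dev/urandom", O_RDONLY);
	if (fd < 0)
		return -1;
	while (buflen > 0) {
		ret = read(fd, buf, buflen);
		if (ret <= 0) {
			/* error or unexpected EOF: don't leak the descriptor */
			close(fd);
			return -1;
		}
		buf += ret;
		buflen -= ret;
	}
	close(fd);
	return 0;
}
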
Cheers,
- Ted
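
Added example, not part of the original message or of any project's code: one way an application could keep the "real entropy or not" flag discussed in this thread next to its hash seed and replace the seed later. The names seed_quality, hash_seed, seed_init and seed_upgrade are hypothetical, and the code assumes Linux with a libc that ships <sys/random.h> (glibc 2.25 or later).

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/random.h>
#include <unistd.h>

/* Hypothetical names for this example; not from the post or any library. */
enum seed_quality { SEED_FAILED = -1, SEED_UNVERIFIED = 0, SEED_STRONG = 1 };
struct hash_seed { unsigned char key[16]; enum seed_quality quality; };

/* Non-blocking: succeeds only if the kernel pool is already initialized.
 * Requests of up to 256 bytes are returned whole, so a short count is a miss. */
static int try_getrandom(unsigned char *buf, size_t len)
{
	return getrandom(buf, len, GRND_NONBLOCK) == (ssize_t)len;
}

/* Fallback that never blocks but says nothing about the pool state. */
static int read_urandom(unsigned char *buf, size_t len)
{
	int fd = open("/dev/urandom", O_RDONLY);
	if (fd < 0)
		return 0;
	while (len > 0) {
		ssize_t n = read(fd, buf, len);
		if (n < 0 && errno == EINTR)
			continue;
		if (n <= 0)
			break;
		buf += n;
		len -= (size_t)n;
	}
	close(fd);
	return len == 0;
}

/* Seed now without blocking and record whether the kernel vouched for it. */
enum seed_quality seed_init(struct hash_seed *s)
{
	s->quality = try_getrandom(s->key, sizeof(s->key)) ? SEED_STRONG :
		     read_urandom(s->key, sizeof(s->key)) ? SEED_UNVERIFIED : SEED_FAILED;
	return s->quality;
}

/* Call before cryptographic use: replaces a non-strong seed once the pool is ready. */
enum seed_quality seed_upgrade(struct hash_seed *s)
{
	if (s->quality != SEED_STRONG && try_getrandom(s->key, sizeof(s->key)))
		s->quality = SEED_STRONG;
	return s->quality;
}
```

A caller that needs cryptographic strength should refuse to proceed while seed_upgrade() still returns SEED_UNVERIFIED, and must rebuild any hash tables keyed with the old seed after an upgrade.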