[Cryptography] OpenSSL and random
Florian Weimer
fw at deneb.enyo.de
Tue Dec 6 05:53:14 EST 2016
* Theodore Ts'o:
> On Thu, Dec 01, 2016 at 09:47:02PM -0600, Nico Williams wrote:
>> Python could use lame rng seeds for hash table randomization, note the
>> lameness, and reseed later when a cryptographically-secure rng is
>> needed.
>
> The application can do this already using the existing APIs.
>
> int get_pseudorandom_hash(char *buf, int buflen)
> {
> 	int fd, ret;
>
> 	ret = getrandom(buf, buflen, GRND_NONBLOCK);
> 	if (!ret)
> 		return 0;
> 	if (errno != EAGAIN)
> 		return -1;
> 	fd = open("/dev/urandom", O_RDONLY);
> 	if (fd < 0)
> 		return -1;
> 	while (buflen > 0) {
> 		ret = read(fd, buf, buflen);
> 		if (ret < 0)
> 			return -1;
> 		buf += ret;
> 		buflen -= ret;
> 	}
> 	close(fd);
> 	return 0;
> }
The error checks don't look right. The errno variable won't be set if
getrandom succeeds. The system call returns a buffer length, not just
a 0/-1 flag indicating success/failure.
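
A version of the quoted helper with the checks the reply calls for, as an added example that is not part of the original post or of either poster's code: getrandom() returns a byte count (possibly short) on success and -1 with errno set on failure. The name fill_hash_seed, the read_full helper, the EINTR retries and the ENOSYS fallback for kernels without the system call are assumptions added here.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/random.h>   /* getrandom(), GRND_NONBLOCK (glibc >= 2.25) */
#include <sys/types.h>
#include <unistd.h>

/* Read exactly len bytes from fd, retrying on EINTR and short reads. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)               /* read error or unexpected EOF */
            return -1;
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Hypothetical name. Returns 0 once buf holds len bytes, -1 on failure. */
int fill_hash_seed(unsigned char *buf, size_t len)
{
    size_t got = 0;
    int fd, rc;

    while (got < len) {
        ssize_t n = getrandom(buf + got, len - got, GRND_NONBLOCK);
        if (n > 0) {              /* success is a byte count, maybe short */
            got += (size_t)n;
            continue;
        }
        if (n < 0 && errno == EINTR)
            continue;             /* interrupted by a signal: retry */
        if (n < 0 && errno != EAGAIN && errno != ENOSYS)
            return -1;            /* unexpected error: fail closed */
        break;                    /* pool not ready, or no such syscall */
    }
    if (got == len)
        return 0;

    /* Non-blocking fallback; may be weakly seeded early in boot. */
    fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return -1;
    rc = read_full(fd, buf + got, len - got);
    close(fd);                    /* closed on the error path as well */
    return rc;
}
```

errno is consulted only after a call has returned -1, and the descriptor is closed on every path that opened it.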