[Cryptography] [FORGED] Re: Is Ron right on randomness

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Nov 30 17:38:53 EST 2016


Bill Cox <waywardgeek at gmail.com> writes:

>I just learned on another thread that Linux provided a fixed API.  The new
>right answer on Linux is to call getrandom:
>
>https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f3
>
>It's in linux 3.17.  My Ubuntu 14.04 laptop upgraded to 3.19, so I had it...
>Then it upgraded to 4.2.0, and now I no longer have it.  Grrr...

And that's the problem with getrandom(), it's the right theoretical solution
but not the right practical one, unless you want to ship source code for each
targeted system and get the user to build it themselves or use dlsym() to get
to it.  Here's the hackery I use to get to it, which requires a build from
source on each system:

#if defined( __linux__ ) && defined( GRND_NONBLOCK )
    /* getrandom() was defined in kernel 3.17 and above but is rarely
       supported in libc ("if we add support for it then people might use it
       and things won't work any more with older libc versions").  In some
       cases it's possible to access it via syscall() with SYS_getrandom,
       so the best that we can do is use that if it's available.  The
       header has to be pulled in before SYS_getrandom is tested, since
       that's where the constant comes from */
  #include <sys/syscall.h>
  #ifdef SYS_getrandom
    noBytes = syscall( SYS_getrandom, buffer, DEVRANDOM_BYTES,
                       GRND_NONBLOCK );
  #else
    /* noBytes = getrandom( buffer, DEVRANDOM_BYTES, GRND_NONBLOCK ); */
  #endif /* No guarantee of getrandom() support */
#else

  /* Half-dozen other approaches to the same thing, all incompatible */

#endif /* __linux__ && GRND_NONBLOCK */

The thing with a /dev/urandom read is that you can solve the problem once,
rather than once per OS type, distribution, and kernel version.  One of the
lesser-mentioned software freedoms is, unfortunately, the freedom to make a
complete mess.

Peter.

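The approach the message describes, as an added example (editor's code, not Peter's cryptlib source and not part of the original post): try the getrandom() syscall through syscall(), and fall back to a careful /dev/urandom read when the build headers lack SYS_getrandom or the running kernel returns ENOSYS. It assumes a Linux or other Unix-like system with /dev/urandom, and the function names get_random_bytes(), read_dev_urandom(), random_source_used() and random_bytes_self_test() are the example's own. One deliberate difference from the quoted snippet: getrandom() is called with flags 0 rather than GRND_NONBLOCK, so it waits for the kernel pool to be seeded instead of returning EAGAIN and tempting the caller into an early-boot /dev/urandom read.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE              /* syscall() prototype in <unistd.h> on glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#if defined( __linux__ )
  #include <sys/syscall.h>       /* defines SYS_getrandom if the headers know it */
#endif
#ifndef O_CLOEXEC
  #define O_CLOEXEC 0            /* very old systems: no close-on-exec flag */
#endif

/* Which source the last successful fill came from, for diagnostics */
static const char *lastSource = "none";

const char *random_source_used( void )
{
    return lastSource;
}

/* Fallback: fill buffer[0..length) from /dev/urandom, handling EINTR and
   short reads.  Returns 0 on success, -1 on failure with errno set */
static int read_dev_urandom( unsigned char *buffer, size_t length )
{
    int fd;

    do {
        fd = open( "/dev/urandom", O_RDONLY | O_CLOEXEC );
    } while( fd < 0 && errno == EINTR );
    if( fd < 0 )
        return -1;
    while( length > 0 ) {
        ssize_t n = read( fd, buffer, length );
        if( n < 0 ) {
            if( errno == EINTR )
                continue;
            close( fd );
            return -1;
        }
        if( n == 0 ) {                /* EOF from /dev/urandom: treat as failure */
            close( fd );
            errno = EIO;
            return -1;
        }
        buffer += n;
        length -= ( size_t ) n;
    }
    close( fd );
    lastSource = "/dev/urandom";
    return 0;
}

/* Fill buffer[0..length) with random bytes.  Prefers the getrandom() syscall
   (flags 0: block only until the pool is seeded), falls back to /dev/urandom
   when the headers lack SYS_getrandom or the kernel predates 3.17 (ENOSYS).
   Returns 0 on success, -1 on failure with errno set */
int get_random_bytes( void *buffer, size_t length )
{
    unsigned char *p = buffer;

#if defined( __linux__ ) && defined( SYS_getrandom )
    while( length > 0 ) {
        long n = syscall( SYS_getrandom, p, length, 0 );
        if( n < 0 ) {
            if( errno == EINTR )
                continue;
            if( errno == ENOSYS )     /* kernel too old: use the device node */
                break;
            return -1;
        }
        p += n;
        length -= ( size_t ) n;
    }
    if( length == 0 ) {
        lastSource = "getrandom() via syscall()";
        return 0;
    }
#endif
    return read_dev_urandom( p, length );
}

/* Self-check: two fills succeed, differ, and a zero-length fill is a no-op.
   Returns 1 on success, 0 on failure */
int random_bytes_self_test( void )
{
    unsigned char a[ 32 ], b[ 32 ];

    memset( a, 0, sizeof( a ) );
    memset( b, 0, sizeof( b ) );
    if( get_random_bytes( a, sizeof( a ) ) != 0 || get_random_bytes( b, sizeof( b ) ) != 0 )
        return 0;
    return memcmp( a, b, sizeof( a ) ) != 0 && get_random_bytes( a, 0 ) == 0;
}

int main( void )
{
    printf( "self test %s, source: %s\n",
            random_bytes_self_test() ? "ok" : "FAILED", random_source_used() );
    return 0;
}
```

Because the header is included before SYS_getrandom is tested, a binary built on a new toolchain still runs on an older kernel: the ENOSYS branch is what makes "build once" work, which is the practical point of the /dev/urandom fallback.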
