top | item 8645187

(no title)

ushi | 11 years ago

getrandom() is a generic interface you can use to implement getentropy(), which is used to seed arc4random(). It is not an alternative arc4random implementation...

From the OpenBSD Manpage:

    getentropy() will succeed unless:

    [EFAULT]
    The buf parameter points to an invalid address.
    
    [EIO]
    Too many bytes requested, or some other fatal error occurred.

See: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/...

discuss

acqq|11 years ago

Yes, getrandom is not an alternative arc4random implementation, it's a lower level interface. Even the programmers writing for Linux should actually locate arc4random implementation that they can use. And before somebody even considers calling getrandom directly he should evaluate how hard is to just implement getentropy from getrandom, it's harder than it looks at the start, if I correctly remember even Ted Tso's first attempt was wrong -- here's the better (I don't know if it's the last):

http://lwn.net/Articles/606552/

    int getentropy(void *buf, size_t buflen)
    {
            int     ret;

            if (buflen > 256)
                    goto failure;
            ret = getrandom(buf, buflen, 0);
            if (ret < 0)
                    return ret;
            if (ret == buflen)
                    return 0;
    failure:
            errno = EIO;
            return -1;
    }

Note the magical 256 number. It's important.