From: Matt Mackall <mpm@selenic.com>
To: Ulrich Drepper <drepper@redhat.com>
Cc: "Theodore Ts'o" <tytso@mit.edu>,
Linux Kernel <linux-kernel@vger.kernel.org>
Subject: Re: short read from /dev/urandom
Date: Sat, 15 Jan 2005 18:44:46 -0800 [thread overview]
Message-ID: <20050116024446.GA3867@waste.org> (raw)
In-Reply-To: <41E7509E.4030802@redhat.com>
On Thu, Jan 13, 2005 at 08:54:54PM -0800, Ulrich Drepper wrote:
> The /dev/urandom device is advertised as always returning the requested
> number of bytes. Yet, it fails to do this under some situations.
> Compile this
Here's what random.c says:
* The two other interfaces are two character devices /dev/random and
* /dev/urandom. /dev/random is suitable for use when very high
* quality randomness is desired (for example, for key generation or
* one-time pads), as it will only return a maximum of the number of
* bits of randomness (as estimated by the random number generator)
* contained in the entropy pool.
*
* The /dev/urandom device does not have this limit, and will return
* as many bytes as are requested. As more and more random bytes are
* requested without giving time for the entropy pool to recharge,
* this will result in random numbers that are merely cryptographically
* strong. For many applications, however, this is acceptable.
_Neither_ case mentions signals and the "and will return as many bytes
as requested" is clearly just a restatement of "does not have this
limit". Whoever copied this comment to the manpage was a bit sloppy
and dropped the first clause rather than the second:
When read, /dev/urandom device will return as many bytes as are
requested. As a result, if there is not sufficient entropy in
the entropy pool...
Meanwhile, read(2) says:
It is not an error if this number is smaller than the number
of bytes requested; this may happen for example because fewer
bytes are actually available right now (maybe because we were
close to end-of-file, or because we are reading from a pipe,
or from a terminal), or because read() was interrupted by a
signal.
So anyone doing a read() can expect a short read regardless of the fd
and is quite clear that reads can be interrupted by signals. "It is
not an error". Ever.
--
Mathematics is the supreme nostalgia of our time.
next prev parent reply other threads:[~2005-01-16 2:45 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-14 4:54 short read from /dev/urandom Ulrich Drepper
2005-01-14 5:56 ` David Wagner
2005-01-14 6:54 ` Ulrich Drepper
2005-01-14 19:55 ` David Wagner
2005-01-14 19:10 ` Theodore Ts'o
2005-01-14 21:04 ` Ulrich Drepper
2005-01-14 23:21 ` Theodore Ts'o
2005-01-15 2:36 ` H. Peter Anvin
2005-01-16 2:51 ` Matt Mackall
2005-01-16 3:18 ` H. Peter Anvin
2005-01-15 2:34 ` H. Peter Anvin
2005-01-19 15:48 ` Pavel Machek
2005-01-16 2:44 ` Matt Mackall [this message]
2005-01-16 3:58 ` Ulrich Drepper
2005-01-16 4:58 ` Matt Mackall
2005-01-16 13:23 ` Andries Brouwer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050116024446.GA3867@waste.org \
--to=mpm@selenic.com \
--cc=drepper@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.