From: Matt Mackall <mpm@selenic.com>
To: Ulrich Drepper <drepper@redhat.com>
Cc: "Theodore Ts'o" <tytso@mit.edu>,
Linux Kernel <linux-kernel@vger.kernel.org>
Subject: Re: short read from /dev/urandom
Date: Sat, 15 Jan 2005 18:44:46 -0800 [thread overview]
Message-ID: <20050116024446.GA3867@waste.org> (raw)
In-Reply-To: <41E7509E.4030802@redhat.com>
On Thu, Jan 13, 2005 at 08:54:54PM -0800, Ulrich Drepper wrote:
> The /dev/urandom device is advertised as always returning the requested
> number of bytes. Yet, it fails to do this under some situations.
> Compile this
Here's what random.c says:
* The two other interfaces are two character devices /dev/random and
* /dev/urandom. /dev/random is suitable for use when very high
* quality randomness is desired (for example, for key generation or
* one-time pads), as it will only return a maximum of the number of
* bits of randomness (as estimated by the random number generator)
* contained in the entropy pool.
*
* The /dev/urandom device does not have this limit, and will return
* as many bytes as are requested. As more and more random bytes are
* requested without giving time for the entropy pool to recharge,
* this will result in random numbers that are merely cryptographically
* strong. For many applications, however, this is acceptable.
_Neither_ case mentions signals and the "and will return as many bytes
as requested" is clearly just a restatement of "does not have this
limit". Whoever copied this comment to the manpage was a bit sloppy
and dropped the first clause rather than the second:
When read, /dev/urandom device will return as many bytes as are
requested. As a result, if there is not sufficient entropy in
the entropy pool...
Meanwhile, read(2) says:
It is not an error if this number is smaller than the number
of bytes requested; this may happen for example because fewer
bytes are actually available right now (maybe because we were
close to end-of-file, or because we are reading from a pipe,
or from a terminal), or because read() was interrupted by a
signal.
So anyone doing a read() can expect a short read regardless of the fd
and is quite clear that reads can be interrupted by signals. "It is
not an error". Ever.
--
Mathematics is the supreme nostalgia of our time.
next prev parent reply other threads:[~2005-01-16 2:45 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-14 4:54 short read from /dev/urandom Ulrich Drepper
2005-01-14 5:56 ` David Wagner
2005-01-14 6:54 ` Ulrich Drepper
2005-01-14 19:55 ` David Wagner
2005-01-14 19:10 ` Theodore Ts'o
2005-01-14 21:04 ` Ulrich Drepper
2005-01-14 23:21 ` Theodore Ts'o
2005-01-15 2:36 ` H. Peter Anvin
2005-01-16 2:51 ` Matt Mackall
2005-01-16 3:18 ` H. Peter Anvin
2005-01-15 2:34 ` H. Peter Anvin
2005-01-19 15:48 ` Pavel Machek
2005-01-16 2:44 ` Matt Mackall [this message]
2005-01-16 3:58 ` Ulrich Drepper
2005-01-16 4:58 ` Matt Mackall
2005-01-16 13:23 ` Andries Brouwer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050116024446.GA3867@waste.org \
--to=mpm@selenic.com \
--cc=drepper@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox