dequis / bitlbee-old

Old personal fork, use https://github.com/bitlbee/bitlbee instead

Use /dev/urandom properly, don't bother trying /dev/random first #26

Closed dequis closed 9 years ago

dequis commented 10 years ago

See http://www.2uo.de/myths-about-urandom/ for details.

Also add clarifications in the few uses of the libc rand() - it looks horribly insecure with no context but it's just a fallback.

dequis commented 10 years ago

Considered this:

https://developer.gnome.org/glib/stable/glib-Random-Numbers.html

But oddly enough, for cryptographic purposes they recommend platform specific code, like /dev/urandom, which is what we're using.

It's probably as bad as the libc rand(), or maybe slightly better, but I see no easy way to get bytes out of it, or reset the seed of g_random_int() on fork without using GRand instances. Doesn't seem worth it.

jcopenha commented 10 years ago

My suggestion would be to check for /dev/urandom at configure time and fail to build if it isn't there. And if for some reason /dev/urandom goes away after it's built just fail. Having a random_bytes function that sometimes returns bytes that are okay and sometimes aren't is a bad idea.

dequis commented 10 years ago

Not a fan of checking it at configure time, but yeah... silently returning bad random numbers on some platforms is awful.

This patch does improve the situation a little, though.

Could also consider using the RNG from the ssl library.

dequis commented 9 years ago

---> https://github.com/bitlbee/bitlbee/pull/7