This PR addresses #255 by implementing getrandom and, depending on a flag, replacing /dev/random and /dev/urandom as entropy sources with the getrandom() syscall.
getrandom() is strictly better than /dev/random or /dev/urandom. It will block on systems with uninitialized entropy pools, but will not block thereafter, and pulls from the same entropy pool as /dev/urandom. Thus, it does not block after system entropy initialization, like /dev/random does, and it does not provide "bad" entropy prior to system entropy initialization, like /dev/urandom does.
It is also not vulnerable to file descriptor exhaustion, as it does not use filehandles to read from the stream devices, but instead generates bytes directly from the kernel entropy pool and copies them into the provided buffer.
vincenthz
commented
1 year ago
This PR addresses #255 by implementing getrandom and, depending on a flag, replacing
/dev/randomand/dev/urandomas entropy sources with thegetrandom()syscall.getrandom()is strictly better than /dev/random or /dev/urandom. It will block on systems with uninitialized entropy pools, but will not block thereafter, and pulls from the same entropy pool as/dev/urandom. Thus, it does not block after system entropy initialization, like/dev/randomdoes, and it does not provide "bad" entropy prior to system entropy initialization, like/dev/urandomdoes.It is also not vulnerable to file descriptor exhaustion, as it does not use filehandles to read from the stream devices, but instead generates bytes directly from the kernel entropy pool and copies them into the provided buffer.