dotgnu-pnet-commits
[Dotgnu-pnet-commits] CVS: pnet/engine lib_crypt.c,1.10,1.11


From: Rhys Weatherley <address@hidden>
Subject: [Dotgnu-pnet-commits] CVS: pnet/engine lib_crypt.c,1.10,1.11
Date: Tue, 26 Nov 2002 19:49:36 -0500

Update of /cvsroot/dotgnu-pnet/pnet/engine
In directory subversions:/tmp/cvs-serv22964/engine

Modified Files:
        lib_crypt.c 
Log Message:


Slight update to the random number generator: use /dev/urandom if present
because /dev/random can block for very long periods of time, which is
unacceptable in our environment.


Index: lib_crypt.c
===================================================================
RCS file: /cvsroot/dotgnu-pnet/pnet/engine/lib_crypt.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -r1.10 -r1.11
*** lib_crypt.c 27 Nov 2002 00:24:49 -0000      1.10
--- lib_crypt.c 27 Nov 2002 00:49:33 -0000      1.11
***************
*** 385,392 ****
   * 17.14 of the second edition of "Applied Cryptography.
   *
!  * We extract seed information from the system (which is "/dev/random" if
!  * it is present), and then mix it to generate the material that we require.
!  * Once we've extracted roughly 1024 bytes, or the pool is more than
!  * 2 seconds old, we discard the pool and acquire new seed material.
   *
   * Feel free to submit patches that make this a better random number
--- 385,392 ----
   * 17.14 of the second edition of "Applied Cryptography.
   *
!  * We extract seed information from the system (which is "/dev/urandom" or
!  * "/dev/random" if present), and then mix it to generate the material that
!  * we require.  Once we've extracted roughly 1024 bytes, or the pool is more
!  * than 2 seconds old, we discard the pool and acquire new seed material.
   *
   * Feel free to submit patches that make this a better random number
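Review bot: the revised comment at lines 388-389, `"/dev/urandom" or "/dev/random" if present`, does not say which device is preferred, and the order is the whole point of this change. Suggest wording it as "/dev/urandom, falling back to /dev/random if that cannot be opened" so the header comment matches the open() sequence in the second hunk. It would also help to state here what the seed is derived from when neither device exists, since the warning further down only says the results are unlikely to be good.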
***************
*** 429,445 ****
                   (currentTime.secs - thread->process->randomLastTime) >= 2)
                {
!                       /* Warning!  If the system doesn't have /dev/random,
                           then this code is unlikely to give good results.
  
!                          Most Unix-like systems do have /dev/random these 
days,
                           but non-Unix OS'es may require changes to this code.
  
!                          We deliberately don't use /dev/urandom as we want the
!                          kernel to make sure that the values returned are 
based
!                          on actual system entropy, and not expanded entropy.
!                          We will expand the entropy ourselves. */
                        ILMemZero(thread->process->randomPool, 
IL_SHA_HASH_SIZE);
                #ifdef HAVE_OPEN
!                       fd = open("/dev/random", O_RDONLY, 0);
                        if(fd >= 0)
                        {
--- 429,451 ----
                   (currentTime.secs - thread->process->randomLastTime) >= 2)
                {
!                       /* Warning!  If the system doesn't have /dev/[u]random,
                           then this code is unlikely to give good results.
  
!                          Most Unix-like systems do have /dev/[u]random these 
days,
                           but non-Unix OS'es may require changes to this code.
  
!                          Note: technically /dev/urandom isn't quite as random 
as
!                          /dev/random under Linux, but /dev/random may block 
for
!                          very long periods of time if the kernel judges that 
the
!                          entropy pool has expired, but the system doesn't 
have much
!                          activity to generate new entropy quickly.  We a 
happy with
!                          the kernel's previous entropy values. */
                        ILMemZero(thread->process->randomPool, 
IL_SHA_HASH_SIZE);
                #ifdef HAVE_OPEN
!                       fd = open("/dev/urandom", O_RDONLY, 0);
!                       if(fd < 0)
!                       {
!                               fd = open("/dev/random", O_RDONLY, 0);
!                       }
                        if(fd >= 0)
                        {
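Review bot: the fallback `fd = open("/dev/random", O_RDONLY, 0);` after a failed open of /dev/urandom keeps the blocking read that the log message calls unacceptable, so on a system that has only /dev/random the stall is still possible. If that is intended as a best-effort path, say so in the comment. The new comment also has a typo, "We a happy with" should read "We are happy with", and "the entropy pool has expired" would be clearer as the kernel's entropy estimate having run low. Finally, the pool is cleared with ILMemZero immediately before the opens, so please confirm that the code following this hunk does not proceed with an all-zero pool when both opens fail.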




