apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <gst...@lyra.org>
Subject Re: apr_generate_random_bytes() blocks forever
Date Wed, 12 Mar 2003 20:54:40 GMT
On Wed, Mar 12, 2003 at 08:23:21PM +0000, Ben Laurie wrote:
> Karl Fogel wrote:
> > Branko Cibej <brane@xbc.nu> writes:
> > 
> >>>Or gstein has suggested that apr_generate_random_bytes() can grow a
> >>>new flag, indicating urandom is preferred.

Actually, when we were talking, I was thinking flags to define its behavior,
more like what Ben is talking about below. For example, a flag to say
"pseudo random data is acceptable". Certainly nothing as low-level as "don't
block". The flag would indicate the *type* of data to return.

> Woah! That's so wrong! The problem is that if you really want n bits of 
> _real_ randomness, you may _have_ to block.


> The most general fix I can think of is an interface where you pass 
> _three_ numbers. k, n and i, where k is the number of bits of randomness 
> you want, n is the number of bits of entropy you want for _this_ chunk 
> of randomness, and i is the number of initial bits of entropy you want 
> invested in randomness.

Would n==i==0 be a typical pseudo-random generator?

Assuming so, then I like this interface. I'll also note that the UUID
generation would simply ask for k=48, n=i=0. (6 bytes of "good" random data,
but cryptographic randomness is not important)


Greg Stein, http://www.lyra.org/

View raw message