From a1933bd1847951b959016f59ee744d1b18a00142 Mon Sep 17 00:00:00 2001
From: Laurent Bercot
Date: Fri, 14 Oct 2016 17:07:56 +0000
Subject: Clean up and modernize librandom.
Correct random number generation has historically been
suprisingly painful to achieve. There was no standard,
every system behaved in a subtly different way, and there
were a few userland initiatives to get decent randomness,
all incompatible of course.
The situation is a bit better now, we're heading towards
some standardization. The arc4random() series of functions
is a good API, and available on a lot of systems -
unfortunately not Linux, but on Linux the new getrandom()
makes using /dev/random obsolete.
So I removed the old crap in librandom, dropped EGD support,
dropped dynamic backend selection, made a single API series
(random_* instead of goodrandom_* and badrandom_*), added
an arc4random backend and a getrandom backend, and defaulted
to /dev/urandom backed up by SURF in the worst case. This
should be much smaller and logical. However, it's a major
API break, so the skarnet.org stack will be changed to
adapt.
---
doc/librandom/index.html | 89 ++++++++++++++++++++++++++++++------------------
1 file changed, 55 insertions(+), 34 deletions(-)
(limited to 'doc')
diff --git a/doc/librandom/index.html b/doc/librandom/index.html
index 8001811..183086a 100644
--- a/doc/librandom/index.html
+++ b/doc/librandom/index.html
@@ -51,64 +51,85 @@ If the EGD connection fails, a SURF PRNG is used.
function prototypes.
- High quality, cryptographically strong random data
+ Basic functions
unsigned char c ;
- unsigned int max ;
- unsigned int n ;
+ uint32_t max ;
+ uint32_t n ;
unsigned int b ;
char data[at least b] ;
int r ;
- goodrandom_init() ;
- c = goodrandom_char() ;
- n = goodrandom_int(max) ;
- r = goodrandom_string(data, b) ;
- goodrandom_finish() ;
+ r = random_init() ;
+ c = random_char() ;
+ n = random_uint32(max) ;
+ random_string(data, b) ;
+ random_finish() ;
- goodrandom_init() becomes optional with skalibs-0.43.
+ random_init() must be called before any other function in
+the random library. It returns 0 (and sets errno) on failure, and
+nonzero on success.
+
+
+
It is recommended that you let the library perform cleanups after you
-have used it, by calling goodrandom_finish().
+are done using it, by calling random_finish() - unless your
+process exits right away.
- - goodrandom_char() returns a random character
- - goodrandom_int(max) returns a random integer
-between 0 and max-1
- - goodrandom_string(data, b) puts
-b random bytes in data, which must be preallocated.
-It returns b if it succeeds, or a non-negative integer lesser
-than b if it fails for any reason.
+ - random_char() returns a random character.
+ - random_uint32(max) returns a random integer
+between 0 and max-1.
+ - random_string(data, b) fills
+b bytes in data (which must be preallocated)
+with random data.
+ Advanced functions
+
- If you have neither /dev/random nor EGD, a software PRNG is
-used. This PRNG is based on the
-SURF function, which
-is unpredictable enough for most uses.
+ void random_unsort (char *s, unsigned int n, unsigned int chunksize)
+Shuffles the array s (of size at least n*chunksize) by
+performing a random permutation of the n blocks of chunksize bytes.
+Bytes are not permuted inside chunks.
- Lower quality random data
-
- It works basically the same, by replacing goodrandom_* with
-badrandom_*. It uses /dev/urandom on systems that
-support it; on systems that do not, but support EGD, non-blocking calls
-to EGD are made ; if that is not enough, or EGD is not supported,
-the SURF generator is used.
+ void random_name (char *s, unsigned int n)
+Writes n random readable ASCII characters into s:
+letters, numbers, hyphens or underscores. Does not terminate with a
+null character.
- The point of badrandom is to get random bytes instantly,
-even at the expense of quality; whereas goodrandom always returns
-high-quality random bytes, but may block if entropy is insufficient. In
-practice, in spite of its name, badrandom will return quite
-unpredictable pseudo-random data, so goodrandom should be used
-only when paranoia is the rule and blocking is an option.
+ int random_sauniquename (stralloc *sa, unsigned int n)
+Appends a (non-null-terminated) unique, unpredictable ASCII name to the
+stralloc *sa. That
+name includes n randomly generated ASCII characters.
+ Notes
+
+
+ - The random library is a thin wrapper around the best
+available random generator provided by the underlying system. By
+decreasing order of preference, it will use the following
+implementations if available:
+
+ - The random_init() function tries to automatically add some
+reasonably random data to the underlying random generator's entropy pool.
+However, that pseudorandom data is not 100% unpredictable, so it will not
+replace proper seeding of the random generator at boot time.
+
+