select() on /dev/random before first read from /dev/urandom #374
Linux has the familiar problem that /dev/random blocks too much (insisting on being information-theoretically secure), while /dev/urandom doesn't block even when it should (at early boot, prior to being adequately seeded). The new
As detailed by my question and answer in this crypto.StackExchange thread, if /dev/random unblocks it implies that /dev/urandom has been seeded, because the kernel gives 128 bits of entropy to the nonblocking pool before it gives any at all to the blocking pool or the input pool.
I propose that libsodium take advantage of this behavior by
Obviously, on systems that do have
I'll be happy to contribute a pull request for this feature if you indicate interest in taking it.
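The gate proposed in the issue above, as an added example (not libsodium code and not written by anyone in this thread): poll /dev/random for readability without consuming from it, then read /dev/urandom. The helper names `wait_readable` and `seeded_read` and the timeout parameter are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical helper: wait until `path` polls readable; 0 = readable, -1 = error/timeout. */
static int wait_readable(const char *path, int timeout_ms)
{
    struct pollfd pfd = { .fd = open(path, O_RDONLY), .events = POLLIN };
    int rc;
    if (pfd.fd == -1)
        return -1;
    do {
        rc = poll(&pfd, 1, timeout_ms);   /* timeout_ms < 0 waits forever */
    } while (rc == -1 && errno == EINTR);
    close(pfd.fd);                        /* no bytes are consumed from the gate */
    return (rc == 1 && (pfd.revents & POLLIN)) ? 0 : -1;
}

/* Hypothetical helper: gate on gate_dev, then fill buf from src_dev. */
static int seeded_read(const char *gate_dev, const char *src_dev,
                       unsigned char *buf, size_t len, int timeout_ms)
{
    size_t off = 0;
    int fd;

    if (wait_readable(gate_dev, timeout_ms) != 0)
        return -1;                        /* fail closed: never return ungated output */
    fd = open(src_dev, O_RDONLY);
    if (fd == -1)
        return -1;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0)
            off += (size_t) n;
        else if (n == 0 || errno != EINTR)
            break;                        /* EOF or hard error */
    }
    close(fd);
    return off == len ? 0 : -1;
}

int main(void)
{
    unsigned char key[32];
    /* Device paths as named in the issue; -1 blocks until /dev/random is readable. */
    return seeded_read("/dev/random", "/dev/urandom", key, sizeof key, -1) ? 1 : 0;
}
```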
It's a bit ugly and hairy. This is a temporary unreliable hack for a platform-specific problem that has already been solved. And it introduces a change in semantics since
On the other hand, it can prevent actual security issues, especially on embedded devices.
This will have to wait after 1.0.9 is released, but I think this is still worth having, and a pull request would be nice (but please use