1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
@node getrandom
@subsection @code{getrandom}
@findex getrandom
Documentation:
@itemize
@item
@ifinfo
@ref{Unpredictable Bytes,,Generating Unpredictable Bytes,libc},
@end ifinfo
@ifnotinfo
@url{https://www.gnu.org/software/libc/manual/html_node/Unpredictable-Bytes.html},
@end ifnotinfo
@item
@uref{https://www.kernel.org/doc/man-pages/online/pages/man2/getrandom.2.html,,man getrandom}.
@end itemize
Gnulib module: getrandom
Portability problems fixed by Gnulib:
@itemize
@item
This function is missing on some platforms:
glibc 2.24, macOS 11.1, FreeBSD 11.0, NetBSD 9.0, OpenBSD 6.7, Minix 3.3, AIX 7.1, HP-UX 11.31, IRIX 6.5, Solaris 11.0, Cygwin 1.7.x, mingw, MSVC 14, Android 9.0.
@item
This function has a different return type on some platforms:
Solaris 11.4.
@end itemize
Portability problems not fixed by Gnulib:
@itemize
@item
The @code{GRND_INSECURE} flag is missing on some platforms:
glibc 2.34, macOS 10.15, GNU/kFreeBSD, FreeBSD 12.0, OpenBSD 6.7,
Minix 3.3, Haiku.
@item
The @code{GRND_RANDOM} flag has different effects on different platforms.
Some platforms ignore the flag, or yield data that can fail to be
random in some cases.
@end itemize
@noindent
Although this function is intended to produce random data, the data's
security properties may not be appropriate for your application.
For example, identical ``random'' data streams might be produced by
rebooted virtual machines. If this is of concern you may need to use
additional techniques such as hedging.@footnote{Ristenpart T, Yilek
S@. @url{http://pages.cs.wisc.edu/~rist/papers/sslhedge.pdf, When good
randomness goes bad: virtual machine vulnerabilities and hedging
deployed cryptography}. NDSS 2010.}
Related modules include @code{getentropy}, which has a simpler but
more-limited API, and @code{crypto/gc-random}, which is likely a
better match for code already using the other @code{crypto} APIs.
|
