On Fri, Jun 19, 2009 at 10:40:10AM -0700, Cathey, Jim wrote:
> One should always seed PRNG's with the best entropy available,
> and MAC addresses are already nearly guaranteed to be unique
> and are eminently suitable for a seed component.

As Ted Ts'o has pointed out in the past, one can mix the MAC address
into Linux's entropy pool simply by running 'ifconfig -a >/dev/random'.
That's probably just as good (and I might arrange for our installer's
network configuration tool to do that automatically).

> I'd argue that any scheme that relied on nobody else in the world
> ever coming up with the same ID number, by contemplating only its
> own navel(s), is inherently flawed.  It's like using hashing without
> the full key check to back it up.

Of course if you use /dev/urandom then you already get input randomness,
interrupt timing data, and so on mixed in there, which is plenty good
enough for this kind of thing.


I happened across /proc/sys/kernel/random/uuid today, which is another
interesting twist on all of this; it's been available since Linux 2.3.16
according to random(4) here. Unfortunately it looks to me as though
dealing with reading it and doing hex-to-binary conversion on it is not
going to be all that much less code than having busybox generate one
itself. Still, in case I'm missing something obvious on how to make it
smaller:

#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include "libbb.h" /* bb_strtol(); uuid_t is assumed to come from the caller's uuid header */

int linux_uuid_generate(uuid_t out, char *uuid_string /* char[37] */)
{
    FILE* uuid_file;
    int i, uuid_byte;

    /* or maybe xmalloc_open_read_close? */
    uuid_file = fopen("/proc/sys/kernel/random/uuid", "r");
    if (!uuid_file)
        return 1;
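    /* a failed read would leave uuid_string unset, so check before strlen() */
    if (!fgets(uuid_string, 37, uuid_file)) {
        fclose(uuid_file);
        return 1;
    }
    fclose(uuid_file);
    if (strlen(uuid_string) < 36)
        return 1;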

    i = uuid_byte = 0;
    while (i < 36 && uuid_byte < 16) {
        static char buf[3] = { 0, 0, 0 };
        if (uuid_string[i] == '-')
            ++i;
        buf[0] = uuid_string[i++];
        if (i >= 36)
            break;
        buf[1] = uuid_string[i++];
        ((unsigned char*) out)[uuid_byte++] = bb_strtol(buf, NULL, 16);
    }

    if (uuid_byte < 16)
        return 1;
    else
        return 0;
}

-- 
Colin Watson                                       [[email protected]]
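
For comparison with the /proc reader above, the "generate one itself" route from /dev/urandom, as an added example that is not part of the original message and not busybox code. The function names are hypothetical, and the version/variant bit layout is the RFC 4122 version 4 one, which the message does not discuss.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Fill buf with len bytes from /dev/urandom; retry on EINTR and short reads. */
static int read_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY);

    if (fd < 0)
        return -1;
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0) {           /* hard error or unexpected EOF */
            close(fd);
            return -1;
        }
        buf += n;
        len -= (size_t)n;
    }
    close(fd);
    return 0;
}

/* Stamp RFC 4122 version/variant bits onto 16 random bytes, then format them. */
static void uuid4_from_bytes(unsigned char u[16], char str[37])
{
    u[6] = (u[6] & 0x0f) | 0x40;    /* version 4 (random) */
    u[8] = (u[8] & 0x3f) | 0x80;    /* variant 10xx */
    snprintf(str, 37,
        "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
        u[0], u[1], u[2], u[3], u[4], u[5], u[6], u[7],
        u[8], u[9], u[10], u[11], u[12], u[13], u[14], u[15]);
}

/* Returns 0 on success, 1 if the random source could not be read. */
int uuid4_generate(unsigned char out[16], char str[37])
{
    if (read_urandom(out, 16) != 0)
        return 1;
    uuid4_from_bytes(out, str);
    return 0;
}
```

Going from binary to text avoids the hex-to-binary loop entirely, and a failed or short read is reported instead of leaving part of the UUID unfilled.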