On Thu, Jul 28, 2022 at 02:46:38PM +0000, Elliott, Robert (Servers) wrote:
> Two places call UTI_GetRandomBytesUrandom rather than UTI_GetRandomBytes.
>
> 1. nts_ke_server.c generate_key (from patch a420ed57q):
> + UTI_GetRandomBytesUrandom(server_keys[index].key, key_length);
> + if (!SIV_SetKey(server_keys[index].siv, server_keys[index].key,
> key_length))
> + assert(0);
> +
> + UTI_GetRandomBytes(&server_keys[index].id, sizeof (server_keys[index].id));
>
> 2. client.c process_cmd_keygen (from patch 7fcf69ce):
> + UTI_GetRandomBytesUrandom(key, length);
>
> Is there any reason for them to call the Urandom version directly?
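
Review bot: in the generate_key fragment the key is filled by UTI_GetRandomBytesUrandom while the id a few lines later is filled by UTI_GetRandomBytes, and nothing at the call site says why the two differ. A one-line comment above the key call stating that long-term keys are drawn from the Urandom source on purpose would keep a later cleanup from unifying the two calls; the same comment would help at the process_cmd_keygen call in client.c.
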
They generate long-term keys, i.e. need a higher-quality random generator. The non-Urandom version can use arc4random() which is fast, but not described as suitable for long term keys, at least as I understand it. The upcoming glibc has arc4random(), so this will be the case also on Linux.

-- 
Miroslav Lichvar
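
The split discussed in this thread, sketched as an added example (not chrony's code): long-term keys always come from /dev/urandom, while short-lived values may use a faster libc generator. The function names and the `HAVE_ARC4RANDOM` build macro are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: fill buf from the kernel CSPRNG via /dev/urandom.
   Returns 0 on success, -1 on failure (buf is zeroed, never half-filled). */
int random_bytes_urandom(void *buf, size_t len)
{
  FILE *f = fopen("/dev/urandom", "rb");
  size_t got = 0;

  if (f) {
    /* Unbuffered: do not leave a copy of key material in a stdio buffer */
    setvbuf(f, NULL, _IONBF, 0);
    got = fread(buf, 1, len, f);
    fclose(f);
  }
  if (got != len) {
    memset(buf, 0, len);
    return -1;
  }
  return 0;
}

/* Hypothetical helper for short-lived values such as key IDs or nonces.
   HAVE_ARC4RANDOM is an assumed build-time macro, set where libc has it. */
int random_bytes_fast(void *buf, size_t len)
{
#ifdef HAVE_ARC4RANDOM
  arc4random_buf(buf, len);
  return 0;
#else
  return random_bytes_urandom(buf, len);
#endif
}

/* Long-term key generation always takes the urandom path,
   whatever random_bytes_fast() happens to be built on. */
int generate_long_term_key(unsigned char *key, size_t key_len)
{
  return random_bytes_urandom(key, key_len);
}

int main(void)
{
  unsigned char key[32];
  unsigned int id;
  if (generate_long_term_key(key, sizeof key) || random_bytes_fast(&id, sizeof id))
    return EXIT_FAILURE;
  printf("generated %zu-byte key, id %08x\n", sizeof key, id);
  return EXIT_SUCCESS;
}
```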