On 02/17/2012 02:51 PM, Jon Callas wrote:
On Feb 17, 2012, at 12:41 PM, Nico Williams wrote:
I'd like for /dev/urandom to block, but only early in boot. Once
enough entropy has been gathered for it to start it should never
block. One way to achieve this is to block boot progress early
enough in booting by reading from /dev/random, thus there'd be no
need for /dev/urandom to ever block.
I can understand why you might want that, but that would be wrong
with a capital W. The whole *point* of /dev/urandom is that it
doesn't block. If you want blocking behavior, you should be calling
/dev/random.
Alternatively, we could specify a /dev/nrandom which has the behavior
Nico desires.
The correct solution is to have early-stage boot code
call /dev/random if it wants blocking behavior.
Except when /dev/random is equivalent to to /dev/urandom, as in OpenBSD
and whatever Ben just posted from (FreeBSD perhaps?).
(Note that I have completely ignored an argument of why blocking is
rarely a good idea, which is the reason people call /dev/urandom. No
one said software engineering was easy.)
"Don't block unless it's truly so soon after startup that the kernel's
(nondecreasing) accumulated entropy estimate is pathologically low"
ought to be a satisfiable requirement.
The guy who writes the ssh_keygen program shouldn't have to try to
figure out if he's being called from /etc/rc*, he should be able to get
what he needs from a standard device.
- Marsh
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
