On Wed, Mar 12, 2003 at 08:23:21PM +0000, Ben Laurie wrote: > Karl Fogel wrote: > > Branko Cibej <[EMAIL PROTECTED]> writes: > > > >>>Or gstein has suggested that apr_generate_random_bytes() can grow a > >>>new flag, indicating urandom is preferred.
Actually, when we were talking, I was thinking flags to define its behavior, more like what Ben is talking about below. For example, a flag to say "pseudo random data is acceptable". Certainly nothing as low-level as "don't block". The flag would indicate the *type* of data to return. >... > Woah! That's so wrong! The problem is that if you really want n bits of > _real_ randomness, you may _have_ to block. Right. >... > The most general fix I can think of is an interface where you pass > _three_ numbers. k, n and i, where k is the number of bits of randomness > you want, n is the number of bits of entropy you want for _this_ chunk > of randomness, and i is the number of initial bits of entropy you want > invested in randomness. Would n==i==0 be a typical pseudo-random generator? Assuming so, then I like this interface. I'll also note that the UUID generation would simply ask for k=48, n=i=0. (6 bytes of "good" random data, but cryptographic randomness is not important) Cheers, -g -- Greg Stein, http://www.lyra.org/
