On 6/12/2014 4:49 AM, Chris Cain wrote:


Also, it has suggestions for entropy on
Windows (CryptGenRandom) which is something that will be necessary as well.


It should be RtlGenRandom: It's used by CryptGenRandom, it loads/requires/involves far less unnecessary cruft, and it's well-established as *not* being something MS even *could* change/remove even if they wanted to (due to some of they ways MS themselves already rely on it):

http://blogs.msdn.com/b/michael_howard/archive/2005/01/14/353379.aspx

But this updated system entropy generator you suggest already exists:

https://github.com/D-Programming-Language/phobos/pull/2208/files#diff-713ce153554afc99a07767cc8ba940aeR1189
https://github.com/D-Programming-Language/phobos/pull/2208/files#diff-713ce153554afc99a07767cc8ba940aeR1106

It's also ready-to-use as part of DAuth (which I admit might need a new name to avoid confusion with the totally unrelated OAuth):

https://github.com/Abscissa/DAuth/blob/master/src/dauth/hashdrbg.d#L51
https://github.com/Abscissa/DAuth/blob/master/src/dauth/hashdrbg.d#L201

Naturally, it doesn't yet exist in hap.random because, as Joseph said, hap.random's "step one" is to match the current std.random as closely as possible. I'd be happy to put together a PR to adapt my RNG stuff above to hap.random whenever it would be desired.

Reply via email to