bug-hurd

translator for /dev/random and /dev/urandom


From: Marcus Brinkmann
Subject: translator for /dev/random and /dev/urandom
Date: Sat, 23 Jun 2001 16:43:08 +0200
User-agent: Mutt/1.3.18i

Hi,

I hacked up a translator for /dev/random and /dev/urandom.  It is not quite
finished yet, but already usable.  I don't have time for it the next couple
of days, so I better post it now in case somebody is interested in taking a
look at it.

The tar file is available in
ftp://alpha.gnu.org/gnu/hurd/contrib/marcus/random.tar.gz

Some comments:

* The code is based on GnuPG's entropy pool software.

* There are three levels: 0 (weak), 1 (fast), 2 (secure).  Level 0 is
  quite pseudo, calculating random from time() and getrusage().
  Level 1 takes good entropy if it is available, but can live without it
  and doesn't block.
  Level 2 is supposed to be cryptographically secure, given a good entropy
  source.

  Use --fast for /dev/urandom, and --secure for /dev/random.
  Use --seed-file to store a seed file across reboots (in /var/run).

* Entropy sources just write into /dev/random (or wherever).

* I had to disable pool initialization from random data for randomness
  levels 0 and 1, because otherwise they could block at first startup.
  This is not the best fix, I plan to change that.
  If you have a seed file, this is only an issue at first startup, and I
  think blocking for a while on first startup is acceptable.

* gather_random should open /dev/random (or other level 2 sources) in
  non_block mode for level 1 and ask for some entropy.

* Seed file is automatic (a shutdown notification will make the translator
  write the seed file, etc).

* There seems to be an off-by-one error in the gatherbuf code. ;)

* select() should work, but is not tested.  O_NONBLOCK should work but is
  not tested.  If somebody does, please let me know.  Try with --secure,
  because level 1/0 never block.

* Permissions and owners of underlying nodes should be correctly exposed.
  I don't think I am doing this correctly right now.

I suggest

touch /dev/random
chmod 0644 /dev/random
settrans /dev/random /hurd/random --seed-file /var/run/random-seed --secure
touch /dev/urandom
chmod 0644 /dev/urandom
settrans /dev/urandom /hurd/random --seed-file /var/run/urandom-seed --fast

Now you only need something that polls various random sources and feeds them
into /dev/random.

* The current implementation is passive, e.g. it waits for "something" to
  write good randomness to /dev/random before it does something with it.
  Someone should write a daemon that polls various random sources, for
  example egd, and feeds the random data into /dev/random.

  One can criticize my approach to be backwards, and that the translator
  should do the polling itself.  This is probably correct, and a later
  version should have the ability.  One problem is that this requires
  knowledge about the protocols (like egd).  One advantage is that this
  allows to judge the quality of the randomness.  Maybe I will incorporate
  GnuPG's rndunix.c as a built-in source of randomness.  In any case, a
  libchannel abstraction à la libstore would make this simpler.

Hey, this is a first version only, can't be perfect the first time, right?
:)

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de
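
Added example (not part of the original message and not code from the translator): a small C check for the two behaviours the message lists as untested, O_NONBLOCK reads and select().  The helper names nonblock_read and wait_readable are made up for this example; the device path is taken from the first argument and defaults to /dev/random.

```c
/* Added example: probes O_NONBLOCK and select() on a readable descriptor. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/* Non-blocking read: returns the byte count (>0), 0 if the read would
   block (EAGAIN), -1 on EOF or any other error. */
long nonblock_read(int fd, void *buf, size_t len)
{
    int flags = fcntl(fd, F_GETFL);
    if (flags < 0 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) < 0)
        return -1;
    ssize_t n = read(fd, buf, len);
    if (n > 0)
        return (long) n;
    if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK))
        return 0;
    return -1;
}

/* select() with a timeout: 1 if readable, 0 on timeout, -1 on error. */
int wait_readable(int fd, int timeout_ms)
{
    fd_set rfds;
    struct timeval tv;
    if (fd < 0 || fd >= FD_SETSIZE)
        return -1;
    tv.tv_sec = timeout_ms / 1000;
    tv.tv_usec = (timeout_ms % 1000) * 1000;
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    int r = select(fd + 1, &rfds, NULL, NULL, &tv);
    return r > 0 ? 1 : r;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/dev/random";
    unsigned char buf[16];
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0) { perror(path); return 1; }
    printf("select: %d\n", wait_readable(fd, 2000));        /* 0 = timed out */
    printf("read:   %ld\n", nonblock_read(fd, buf, sizeof buf)); /* 0 = EAGAIN */
    close(fd);
    return 0;
}
```

On a --secure node with an empty pool, the expected result is a select() timeout and a would-block read rather than a hang; after entropy is written to the node, both calls should report data.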
