Re: [PATCH] using arc4random for strong randomness matters.

2018-01-11 Thread Stephen Frost
David, all, * David CARLIER (devne...@gmail.com) wrote: > > IIUC, what this code actually does is reseed itself from /dev/urandom > > every so often and work from a PRNG in between. That's not a layer that > > we need, because the code on top is already designed to cope with the > > foibles of

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread David CARLIER
> I dunno, it seems like this is opening us to a new set of portability > hazards (ie, sub-par implementations of arc4random) with not much gain to > show for it. > Hence I reduced to three platforms only. > > IIUC, what this code actually does is reseed itself from /dev/urandom > every so often

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread Andres Freund
On November 22, 2017 8:51:07 AM PST, ilm...@ilmari.org wrote: >If what is wanted is something more like /dev/urandom, one can call >getentropy(2) (or on Linux, getrandom(2)) directly, which avoids having >to open the device file each time. What does that buy us for our usages? Andres -- Sent

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread Dagfinn Ilmari Mannsåker
Tom Lane writes: > David CARLIER writes: >> I'm not against as such that depends on the implementation but I've seen in >> quick glance it's RC4? arc4random uses ChaCha20 since OpenBSD 5.5 (and libbsd 0.8.0 on Linux). It uses getentropy(2) to seed

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread Andres Freund
Hi, Please don't top-quote on postgres mailing lists. On 2017-11-22 16:16:35 +, David CARLIER wrote: > > David CARLIER writes: > > > I'm not against as such that depends on the implementation but I've seen > > in > > > quick glance it's RC4? > > > > More generally, why

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread David CARLIER
Basically the call never fails, always generating high quality random data (especially the implementations based on Chacha* family, RC4 has predictability issues), there is no need of a file descriptor. On 22 November 2017 at 16:06, Tom Lane wrote: > David CARLIER

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread Tom Lane
David CARLIER writes: > I'm not against as such that depends on the implementation but I've seen in > quick glance it's RC4? More generally, why should we bother with an additional implementation? Is this better than /dev/urandom, and if so why?

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread David CARLIER
I'm not against as such that depends on the implementation but I've seen in quick glance it's RC4? Regards. On 22 November 2017 at 15:37, David Fetter wrote: > On Tue, Nov 21, 2017 at 12:08:46PM +, David CARLIER wrote: > > Hello, > > > > This is my first small personal

Re: [PATCH] using arc4random for strong randomness matters.

2017-11-22 Thread David Fetter
On Tue, Nov 21, 2017 at 12:08:46PM +, David CARLIER wrote: > Hello, > > This is my first small personal contribution. > > Motivation : > - Using fail-safe, file descriptor free solution on *BSD and Darwin system > - Somehow avoiding at the moment FreeBSD as it still uses RC4 (seemingly >

[PATCH] using arc4random for strong randomness matters.

2017-11-21 Thread David CARLIER
Hello, This is my first small personal contribution. Motivation : - Using fail-safe, file descriptor free solution on *BSD and Darwin system - Somehow avoiding at the moment FreeBSD as it still uses RC4 (seemingly updated to Chacha20 for FreeBSD 12.0 and eventually backported later on). - For