On Sun, Jul 21, 2019 at 07:20:08PM +0000, Taylor R Campbell wrote:
> > /dev/random actually works as documented and if rust wants /dev/urandom
> > behavior it should use /dev/urandom. Also I'd like to get explained why
> > a compiler needs that much random bits.
>
> The difference is that /dev/random may block, and if it blocks, it
> doesn't wake up until the entropy pool is seeded. In contrast,
> /dev/urandom never blocks, even if the entropy pool has not yet been
> seeded.
>
> There is no reason in modern cryptography to read more than one byte
> from /dev/random ever in a single application; once you have done
> that, or confirmed some other way that the entropy pool is seeded,
> you should generate keys from /dev/urandom.

There should be some way to do that without throwing away 8 random bits.

> This is _locally_ sensible for a library that may have many users
> beyond a compiler.

No, not really; it's the system's responsibility.

-- 
David A. Holland
dholl...@netbsd.org
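The pattern described in the quoted text above (read a single byte from /dev/random to wait for the pool to be seeded, then take key material from /dev/urandom), as an added example that is not part of the original thread. The names `read_full` and `seeded_key` are hypothetical.

```c
/* Added example: gate once on /dev/random, then draw keys from /dev/urandom. */
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Read exactly len bytes from path, retrying on EINTR and short reads.
 * Returns 0 on success, -1 on open failure, EOF or a hard read error.
 * (Hypothetical helper name.) */
static int read_full(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    size_t off = 0;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0) {
            off += (size_t)n;
        } else if (n < 0 && errno == EINTR) {
            continue;               /* interrupted by a signal: retry */
        } else {
            close(fd);              /* EOF or hard error */
            return -1;
        }
    }
    close(fd);
    return 0;
}

/* Fill key[0..len) with key material. The first successful call reads one
 * byte from /dev/random, which may block until the pool is seeded; that
 * byte is discarded. Later calls go straight to /dev/urandom.
 * The static flag is not thread-safe. (Hypothetical function name.) */
int seeded_key(unsigned char *key, size_t len)
{
    static int seeded;
    unsigned char gate;

    if (!seeded) {
        if (read_full("/dev/random", &gate, 1) != 0)
            return -1;
        seeded = 1;
    }
    return read_full("/dev/urandom", key, len);
}
```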