arc4random initialization

Dave Hayes dave at jetcafe.org
Tue Dec 8 06:31:31 UTC 2020


On Mon, 7 Dec 2020 18:52:03 -0800
Conrad Meyer <cem at freebsd.org> wrote:
> > Is there any indication as to when it has safely reseeded?  
> 
> For the core random device, the message "random: unblocking device."
> is printed in dmesg and logged to /var/log/messages.

Note that I am not running CURRENT, but 12.2-STABLE (r367506). Given this, 
the order of messages I see is:

 arc4random: no preloaded entropy cache
 random: entropy device external interface
 random: registering fast source Intel Secure Key RNG
 random: fast provider: "Intel Secure Key RNG"
 arc4random: no preloaded entropy cache
 random: unblocking device.
 arc4random: no preloaded entropy cache
 arc4random: no preloaded entropy cache
 (...at least 20 more of these).

That is from "dmesg | grep random", which might be naive, but nonetheless
illustrates my lack of certainty as to whether or not the appropriate generator
has reseeded such that subsequent generation of cryptographic random numbers is
safe. 

Just how do I know which messages are from arc4random(9) and which are from
arc4random(3)? 
-- 
Dave Hayes - Consultant - LA CA, USA - dave at dream-tech.com
>>>> *The opinions expressed above are entirely my own* <<<<

No system is any use if you merely possess it. Ownership
requires operation. No system is useful if one can only
experiment with it.  For a system to be useful, it must be
correctly operated.
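
An added example, not part of the original message or of FreeBSD: a shell function that sorts the "arc4random: no preloaded entropy cache" lines by whether they were logged before or after "random: unblocking device.", the message named in the quoted reply. The function names are hypothetical and the sample input is constructed from the lines quoted in the message, in the same order; the ordering alone does not say which arc4random implementation printed a line.

```shell
#!/bin/sh
# Added example: classify kernel arc4random messages relative to the
# "random: unblocking device." line in dmesg-style output.

# Reads dmesg-style text on stdin and prints one summary line:
#   "<state> before=<n> after=<n>"
# state is "unblocked" if the unblock message was seen, otherwise "blocked".
# before/after count the arc4random cache messages on each side of it.
classify_random_log() {
    awk '
        /random: unblocking device\./ { unblocked = 1; next }
        /arc4random: no preloaded entropy cache/ {
            if (unblocked) after++; else before++
        }
        END {
            printf "%s before=%d after=%d\n",
                (unblocked ? "unblocked" : "blocked"), before, after
        }
    '
}

# Constructed sample: the message order quoted in the post above,
# without the elided repeats.
sample_log() {
    cat <<'EOF'
arc4random: no preloaded entropy cache
random: entropy device external interface
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
arc4random: no preloaded entropy cache
random: unblocking device.
arc4random: no preloaded entropy cache
arc4random: no preloaded entropy cache
EOF
}

# On a live system the input would be: dmesg | classify_random_log
sample_log | classify_random_log
```

The kernel message buffer can wrap or hold more than one boot, so the counts describe only what is still in the buffer that is fed in.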


More information about the freebsd-hackers mailing list