arc4random initialization
Conrad Meyer
cem at freebsd.org
Tue Dec 8 16:25:41 UTC 2020
I don’t know how the logic in stable/12 works. I don’t believe any of those
messages come from userspace arc4random.
On Mon, Dec 7, 2020 at 22:31 Dave Hayes <dave at jetcafe.org> wrote:
> On Mon, 7 Dec 2020 18:52:03 -0800
> Conrad Meyer <cem at freebsd.org> wrote:
> > > Is there any indication as to when it has safely reseeded?
> >
> > For the core random device, the message "random: unblocking device."
> > is printed in dmesg and logged to /var/log/messages.
>
> Note that I am not running CURRENT, but 12.2-STABLE (r367506). Given this,
> the order of messages I see is:
>
> arc4random: no preloaded entropy cache
> random: entropy device external interface
> random: registering fast source Intel Secure Key RNG
> random: fast provider: "Intel Secure Key RNG"
> arc4random: no preloaded entropy cache
> random: unblocking device.
> arc4random: no preloaded entropy cache
> arc4random: no preloaded entropy cache
> (...at least 20 more of these).
>
> That is from "dmesg | grep random", which might be naive, but nonetheless
> illustrates my lack of certainty as to whether or not the appropriate
> generator
> has reseeded such that subsequent generation of cryptographic random
> numbers is
> safe.
>
> Just how do I know which messages are from arc4random(9) and which are from
> arc4random(3)?
> --
> Dave Hayes - Consultant - LA CA, USA - dave at dream-tech.com
> >>>> *The opinions expressed above are entirely my own* <<<<
>
> No system is any use if you merely possess it. Ownership
> requires operation. No system is useful if one can only
> experiment with it. For a system to be useful, it must be
> correctly operated.
>
More information about the freebsd-hackers
mailing list