Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

urandom module doesn't check that /dev/urandom is a valid random device #2

Open
euantorano opened this issue Nov 29, 2017 · 0 comments
Open

urandom module doesn't check that /dev/urandom is a valid random device #2

euantorano opened this issue Nov 29, 2017 · 0 comments

Comments

@euantorano
Copy link

euantorano commented Nov 29, 2017
edited
Loading

The urandom module doesn't currently check that the /dev/urandom file is actually a source of random data. It should check that the file handle is a character device as is done in this example module: https://github.com/euantorano/sysrandom.nim/blob/master/src/sysrandom.nim#L118

Additionally, the urandom module currently uses CryptGenRandom on Windows. It may be easier to use RtlGenRandom instead. It may also make sense to use arc4random_buf on openBSD systems as its use is encouraged there
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@euantorano