[Announce] Libgcrypt 1.8.4 released

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Oct 29 18:22:02 CET 2018

On Fri 2018-10-26 20:16:21 +0200, Werner Koch wrote:
> The GnuPG Project is pleased to announce the availability of Libgcrypt
> versions 1.8.4.

thanks for this release, Werner!

>  * Performance:
>    - On Linux always make use of getrandom if possible and then use
>      its /dev/urandom behaviour.  [#3894]

This characterization is unfortunate, since the getrandom() default
behavior is *not* the /dev/urandom behavior.  In particular, the
getrandom() default behavior blocks until the kernel's internal pool has
been fully initialized, while /dev/urandom never blocks.  This is one of
the main arguments for using getrandom() instead of /dev/urandom in the
first place.

I appreciate that the actual change landed in libgcrypt!  This is a real
improvement for users of GNU/Linux systems.  I just don't want people to
think that the change will cause them to possibly use an uninitialized
PRNG like /dev/urandom, because that is not the case with the change
that we made here.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20181029/4747a0f2/attachment.sig>

More information about the Gnupg-devel mailing list