[patches] add support for arc4random_buf()

edgar at pettijohn-web.com edgar at pettijohn-web.com
Tue Feb 6 16:09:54 CET 2018

On Feb 6, 2018 6:35 AM, Werner Koch <wk at gnupg.org> wrote:
> On Tue,  6 Feb 2018 06:25, edgar at pettijohn-web.com said:
> > Please see attached patches to add support for arc4random_buf() as an
> > alternate to /dev/{u}random. I tried to be as unobtrusive as possible
> > and maintain style. It should also allow the user to still define
> > RANDOM_CONF_ONLY_URANDOM if they would prefer to use
> > /dev/urandom. This will allow gpg to be used on filesystems mounted
> > nodev while providing quick, quality randomness.
> Please describe what arc4random_buf is and where it is used.

The manual is probably the best source of information.


However, the tldr.

arc4random_buf() fills the buffer with nbytes of random data using the ChaCha20 cipher. It is thread safe. Every call stirs it more adding to it's randomness.


> I also redirect this to the libgcrypt mailing list.
> Salam-Shalom,
>    Werner
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list