Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 8 Dec 2020 08:25:29 -0800
From:      Conrad Meyer <cem@freebsd.org>
To:        Dave Hayes <dave@jetcafe.org>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: arc4random initialization
Message-ID:  <CAG6CVpVxM_YhbdwM2kg56_22U-hVDo51w5uNV35zNjCmV_eh=w@mail.gmail.com>
In-Reply-To: <20201207223122.28c188f5@bigus.dream-tech.com>
References:  <20201206153625.13e349a8@bigus.dream-tech.com> <EB47F35A-EAD8-4B97-B676-FD8C5AD57398@FreeBSD.org> <CAG6CVpVUPzaGK-CdqdvGEmytmkAH%2BQTrX0BRho-HPUts60HZpQ@mail.gmail.com> <20201207223122.28c188f5@bigus.dream-tech.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
I don=E2=80=99t know how the logic in stable/12 works. I don=E2=80=99t beli=
eve any of those
messages come from userspace arc4random.

On Mon, Dec 7, 2020 at 22:31 Dave Hayes <dave@jetcafe.org> wrote:

> On Mon, 7 Dec 2020 18:52:03 -0800
> Conrad Meyer <cem@freebsd.org> wrote:
> > > Is there any indication as to when it has safely reseeded?
> >
> > For the core random device, the message "random: unblocking device."
> > is printed in dmesg and logged to /var/log/messages.
>
> Note that I am not running CURRENT, but 12.2-STABLE (r367506). Given this=
,
> the order of messages I see is:
>
>  arc4random: no preloaded entropy cache
>  random: entropy device external interface
>  random: registering fast source Intel Secure Key RNG
>  random: fast provider: "Intel Secure Key RNG"
>  arc4random: no preloaded entropy cache
>  random: unblocking device.
>  arc4random: no preloaded entropy cache
>  arc4random: no preloaded entropy cache
>  (...at least 20 more of these).
>
> That is from "dmesg | grep random", which might be naive, but nonetheless
> illustrates my lack of certainty as to whether or not the appropriate
> generator
> has reseeded such that subsequent generation of cryptographic random
> numbers is
> safe.
>
> Just how do I know which messages are from arc4random(9) and which are fr=
om
> arc4random(3)?
> --
> Dave Hayes - Consultant - LA CA, USA - dave@dream-tech.com
> >>>> *The opinions expressed above are entirely my own* <<<<
>
> No system is any use if you merely possess it. Ownership
> requires operation. No system is useful if one can only
> experiment with it.  For a system to be useful, it must be
> correctly operated.
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpVxM_YhbdwM2kg56_22U-hVDo51w5uNV35zNjCmV_eh=w>