Date: Tue, 11 Sep 2012 11:05:33 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r240360 - releng/9.1/lib/libc/stdlib Message-ID: <201209111105.q8BB5X4w033035@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Tue Sep 11 11:05:32 2012 New Revision: 240360 URL: http://svn.freebsd.org/changeset/base/240360 Log: MFH (r240107, r240111): warn against using these for cryptographic purposes. Approved by: re (kib) Modified: releng/9.1/lib/libc/stdlib/rand.3 releng/9.1/lib/libc/stdlib/random.3 Directory Properties: releng/9.1/lib/libc/ (props changed) Modified: releng/9.1/lib/libc/stdlib/rand.3 ============================================================================== --- releng/9.1/lib/libc/stdlib/rand.3 Tue Sep 11 10:07:55 2012 (r240359) +++ releng/9.1/lib/libc/stdlib/rand.3 Tue Sep 11 11:05:32 2012 (r240360) @@ -32,7 +32,7 @@ .\" @(#)rand.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd October 6, 2010 +.Dd September 4, 2012 .Dt RAND 3 .Os .Sh NAME @@ -55,9 +55,15 @@ .Fn rand_r "unsigned *ctx" .Sh DESCRIPTION .Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp These interfaces are obsoleted by .Xr random 3 . -.Ef .Pp The .Fn rand @@ -88,9 +94,6 @@ The function initializes a seed using the .Xr random 4 random number device which returns good random numbers. -However, the -.Fn rand -function still remains unsuitable for cryptographic use. .Pp The .Fn rand_r @@ -105,8 +108,6 @@ For better generator quality, use .Xr random 3 or .Xr lrand48 3 . -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 . .Sh SEE ALSO .Xr arc4random 3 , .Xr lrand48 3 , Modified: releng/9.1/lib/libc/stdlib/random.3 ============================================================================== --- releng/9.1/lib/libc/stdlib/random.3 Tue Sep 11 10:07:55 2012 (r240359) +++ releng/9.1/lib/libc/stdlib/random.3 Tue Sep 11 11:05:32 2012 (r240360) @@ -28,7 +28,7 @@ .\" @(#)random.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd June 4, 1993 +.Dd September 4, 2012 .Dt RANDOM 3 .Os .Sh NAME @@ -53,6 +53,14 @@ .Ft char * .Fn setstate "char *state" .Sh DESCRIPTION +.Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp The .Fn random function @@ -98,10 +106,8 @@ as the seed. .Pp The .Fn srandomdev -routine initializes a state array using the -.Xr random 4 -random number device which returns good random numbers, -suitable for cryptographic use. +routine initializes a state array using data from +.Xr random 4 . Note that this particular seeding procedure can generate states which are impossible to reproduce by calling @@ -191,6 +197,3 @@ The historical implementation used to ha random sequence did not vary much with the seed. The current implementation employs a better pseudo-random number generator for the initial state calculation. -.Pp -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 .
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201209111105.q8BB5X4w033035>