Message45756
Logged In: YES
user_id=499
Thanks for the reply!
- As for /dev/*random -- yes, I believe you are right, and
/dev/urandom is almost always what you want. I haven't been
able to find a platform that has one of the others, but
lacks /dev/urandom.
- I can't find a statement on the page you link about using
CRYPT_VERIFYCONTEXT that way, but you may well be right anway.
- One more important issue: It is a bad idea to use stdio
(C's 'fopen', Python's builtin 'open') to read from
/dev/urandom. Most stdio implementation buffer data; on my
GNU/Linux box, when I call open('/dev/urandom').read(10), my
underlying fread() function sucks 4096 bytes into memory.
(It does other weird stuff too, including calls to stat64,
mmap, and others.) This has proved to be a problem in the
past, especially when running on systems with heavy user
process limits. Instead, it is a better idea to use the
open syscall directly (open in C, os.open in Python). |
|
Date |
User |
Action |
Args |
2007-08-23 15:37:10 | admin | link | issue934711 messages |
2007-08-23 15:37:10 | admin | create | |
|