
Add support for getentropy() and getrandom()

Open colmmacc opened this issue 11 years ago • 1 comments

Some platforms have a getentropy() call for retrieving randomly generated data; Linux has recently added getrandom(), an equivalent call. s2n should support these where available and avoid using /dev/urandom.

colmmacc avatar Sep 02 '14 20:09 colmmacc

Beware: as the name indicates, getentropy(2) is a source of entropy, not a direct source of randomness. getentropy(2) data should be fed into a PRNG, not used directly as randomness, as the man page indicates:

getentropy() is not intended for regular code; please use the arc4random(3) family of functions instead.

masklinn avatar Oct 20 '15 20:10 masklinn

We don't want to further complicate our random implementation, and plan to use the libcrypto random when possible: https://github.com/aws/s2n-tls/issues/4348

goatgoose avatar Jul 18 '24 17:07 goatgoose
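
An added example, not part of the thread or of s2n-tls's code: one way to gather seed bytes with getrandom() as the issue proposes, falling back to /dev/urandom only where the syscall is absent (ENOSYS). The function names are hypothetical, and in line with the comment above the output is treated as seed material for a DRBG, not as a replacement for one.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/random.h> /* getrandom(): Linux >= 3.17, glibc >= 2.25 */

/* Hypothetical fallback: needs a file descriptor and a visible /dev node. */
static int fill_from_urandom(uint8_t *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR) continue;      /* interrupted, retry */
        if (n <= 0) { close(fd); return -1; }       /* error or unexpected EOF */
        buf += n;
        len -= (size_t)n;
    }
    close(fd);
    return 0;
}

/* Hypothetical helper: fill buf with len bytes. Returns 0 on success, -1 on
 * failure. Callers must treat -1 as fatal and never use a partial buffer. */
int example_get_random(uint8_t *buf, size_t len)
{
    size_t done = 0;
    while (done < len) {
        /* flags = 0: block until the kernel pool has been initialized */
        ssize_t n = getrandom(buf + done, len - done, 0);
        if (n > 0) { done += (size_t)n; continue; } /* short reads are legal */
        if (n < 0 && errno == EINTR) continue;      /* signal arrived, retry */
        if (n < 0 && errno == ENOSYS)               /* kernel lacks the syscall */
            return fill_from_urandom(buf + done, len - done);
        return -1;
    }
    return 0;
}

int main(void)
{
    uint8_t seed[48]; /* constructed size for the demo */
    if (example_get_random(seed, sizeof seed) != 0) return 1;
    printf("filled %zu seed bytes\n", sizeof seed);
    return 0;
}
```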