by MrRadar 2704 days ago
On the other hand, using the system cryptographic RNG (/dev/urandom, CryptGenRandom) is probably less effort than it took to write this strange half-baked RNG.
3 comments

Yup, if you want to see the state of the art in this, here it is from libsodium:

https://github.com/jedisct1/libsodium/blob/master/src/libsod...

They sum it up in their docs like this:

- On Windows systems, the RtlGenRandom() function is used

- On OpenBSD and Bitrig, the arc4random() function is used

- On recent Linux kernels, the getrandom system call is used

- On other Unices, the /dev/urandom device is used

It seems they use getrandom() on FreeBSD too:

    # if defined(__FreeBSD_version) && __FreeBSD_version >= 1200000
    #  include <sys/random.h>
    #  define HAVE_LINUX_COMPATIBLE_GETRANDOM
    # endif
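
The Linux and "other Unices" cases from the list above, as an added example (not libsodium's code and not part of any comment in this thread): getrandom through the raw syscall, falling back to /dev/urandom. The names `sys_random_fill` and `urandom_fill` are chosen for this example.

```c
#ifndef _GNU_SOURCE
# define _GNU_SOURCE /* for syscall() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>
#if defined(__linux__)
# include <sys/syscall.h>
#endif

/* Hypothetical helper: read exactly len bytes from /dev/urandom. 0 on success, -1 on error. */
static int urandom_fill(unsigned char *buf, size_t len)
{
    int fd;
    do {
        fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    } while (fd < 0 && errno == EINTR);
    if (fd < 0) return -1;
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR) continue;          /* interrupted: retry */
        if (n <= 0) { close(fd); return -1; }           /* error or unexpected EOF */
        buf += n; len -= (size_t)n;                     /* short read: keep going */
    }
    close(fd);
    return 0;
}

/* Hypothetical entry point: fill buf from the kernel CSPRNG. Returns 0 or -1.
 * A -1 must be treated as fatal; never substitute rand() or the clock. */
int sys_random_fill(unsigned char *buf, size_t len)
{
#if defined(__linux__) && defined(SYS_getrandom)
    size_t off = 0;
    while (off < len) {
        long n = syscall(SYS_getrandom, buf + off, len - off, 0);
        if (n > 0) { off += (size_t)n; continue; }      /* partial result is valid */
        if (n < 0 && errno == EINTR) continue;
        break; /* e.g. ENOSYS on kernels before 3.17: use the device instead */
    }
    if (off == len) return 0;
    buf += off; len -= off;
#endif
    return urandom_fill(buf, len);
}
```
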

CryptGenRandom first appeared in WinXP.

And 7-Zip first shipped in 1999. Granted, AES support was only added in 2003, but the app still had to run on Win2K and 9x back then.

This likely happened because 7-zip is Windows-centric, and the p7zip packages for UNIXish systems are assembled afterwards.