Hacker News new | ask | show | jobs
by dchest 2377 days ago
- It won't fail if there's no /dev/random device mounted (e.g. in chroot)

- It won't fail if there are no file descriptors available

- No error handling needed: the call always succeeds and random bytes are always returned
1 comments
ben_bai 2377 days ago
So like the standard arc4random_buf(3) which everybody has except for Linux.

Don't worry the name is historic it does not us the arc4 cipher any longer, at least on OpenBSD. They switched to chacha20 as stream cipher.

link
dchest 2377 days ago
The interface is the same, but arc4random_buf is a user-space CSPRNG.

The analog of zx_cprng_draw is getentropy(2): http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/... except zx_cprng_draw kills the process, while getentropy returns an error.

link
cyphar 2377 days ago
Linux has had getrandom(2) for quite a few years, and there are glibc wrappers which use it.
link