-
Notifications
You must be signed in to change notification settings - Fork 18.1k
crypto/rand: probably time to block in getrandom #19274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
getrandom
Some more info here.
|
@agl, please do this this week if you want to get this in for Go 1.9. |
(No chance at the moment because of <Google-internal reason that you might be aware of>.) |
CL https://golang.org/cl/43852 mentions this issue. |
This commit adds in RandReader, a cryptographically secure io.Reader that will fail when the os has insufficient randomness. This is done using the getrandom() syscall in non-blocking mode. see: http://man7.org/linux/man-pages/man2/getrandom.2.html Any kernel new enough to have filesystem encryption will also have this syscall. This RandReader is preferable to the one provided by the standard library in crypto/rand. See the bugs: golang/go#11833 golang/go#19274 This will be removed when go updates the crypto/rand implementation. Change-Id: Icccaf07bc6011b95cd31a5c268e7486807dcffe2
The 1.9 cycle might be the correct time to revisit #11833 now that getrandom has spread further, including into a Ubuntu LTS release.
The text was updated successfully, but these errors were encountered: