[tor-bugs] #13696 [Tor]: Use syscall-based entropy reading where possible.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Nov 28 12:54:48 UTC 2015
#13696: Use syscall-based entropy reading where possible.
-------------------------+--------------------------------
Reporter: nickm | Owner: yawning
Type: enhancement | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.2.???
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-relay | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+--------------------------------
Comment (by teor):
Replying to [comment:13 teor]:
> * /dev/random
> * sandboxed on iOS
> * source: https://www.mikeash.com/pyblog/friday-qa-2011-03-18
-random-numbers.html#comment-3e4213b49fef1f45568897721e7ad921
> * I wonder what tor / OpenSSL does on iOS at the moment - does it
have very poor randomness because reading /dev/random fails?
Apparently this source is wrong, at least for modern iOS versions: iOS
apps can read from /dev/random. (Which makes sense, as it's impossible to
seed a CSRNG from /dev/random unless you can read from /dev/random. Unless
there was some weird xpc / syscall trickery to a privileged process or the
kernel.)
I'm still ok with implementing the call to SecRandomCopyBytes on OS X /
iOS, because it has better semantics (lower failure rate).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13696#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list