Unconditionally use libc::getrandom on Illumos and libc::geentropy on Solaris
#417
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
newpavlov
reviewed
May 2, 2024
newpavlov
reviewed
May 2, 2024
josephlr
force-pushed
the
solaris
branch
2 times, most recently
from
360c2cc
to
ac5e838
Compare
newpavlov
reviewed
May 2, 2024
Also removes the use of `GRND_RANDOM`, which appears to be based on outdated staements about the RNGs. For Solaris, see [this blog post](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2). For Illumos, the algorithms are less clear, but I don't see a clear reason to continue using `GRND_RANDOM`. I updated the documentation in `getrandom.rs` to full document this decision and to have a common place listing when `getrandom(2)` became avalible on each platform. I also updated the main lib.rs docs to point to the correct man pages. Note that Solaris 11.3 has a maximum buffer length of 1024 bytes, while Illumos doesn't have this sort of issue. Signed-off-by: Joe Richey <joerichey@google.com>
|
Seems reasonable from an illumos perspective, with a small nit: we don't capitalise the "i" in illumos when it appears in print. Thanks! |
|
@josephlr |
newpavlov
changed the title
libc::getrandom on Illumos and libc::geentropy on Solaris
Merged
|
Thanks for merging this (and sorry for not being responsive).
@newpavlov after rereading the solaris documentation, I think we misread things. That comment isn't saying "passing
There's also the following comment from the blog post introducing
Given this, should we use |
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we ever use `getentropy(2)` - Why we don't ever set `GRND_RANDOM` Signed-off-by: Joe Richey <joerichey@google.com>
|
@josephlr
Probably, yes. But we may want to keep it in a separate module. In addition to the max buffer logic, Solaris also guarantees that input buffer will be fully filled:
So we do not need to call |
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we ever use `getentropy(2)` - Why we don't ever set `GRND_RANDOM` Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
josephlr
added a commit
that referenced
this pull request
May 6, 2024
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #413
Also removes the use of
GRND_RANDOM, which appears to be based on outdated staements about the RNGs. For Solaris, see this blog post. For Illumos, the algorithms are less clear, but I don't see a clear reason to continue usingGRND_RANDOM.I updated the documentation in
getrandom.rsto full document this decision and to have a common place listing whengetrandom(2)became avalible on each platform. I also updated the main lib.rs docs to point to the correct man pages.Note that Solaris 11.3 has a maximum buffer length of 1024 bytes, while Illumos doesn't have this sort of issue.