dlsym(RTLD_DEFAULT, "getentropy") return non-NULL on Mac
Wang Weijun
weijun.wang at oracle.com
Mon Nov 9 03:35:33 UTC 2015
> On Nov 8, 2015, at 7:18 PM, Dmitry Samersoff <dmitry.samersoff at oracle.com> wrote:
>
> Wang Weijun,
>
>> The function is rather new in the latest Solaris beta [1] and it's
>> preferred to reading from /dev/random. There are already people
>> suggesting adding it to Linux. If I simply use dlsym then it will
>> automatically work on all current and future platforms. In fact, I
>> was planning to write
>
> 1. Please check libc only, not the entire process image.

dlopen("libc.so", RTLD_LAZY)?

This works on Solaris but on Linux it seems I have to use "libc.so.6".

>
>
> 2. OS X random system is a different story: /dev/random never blocks and
> returns the output of Yarrow PRNG. Also OS X uses SecurityServer
> process to feed entropy pool.
>
> So IMHO, it's better not to attempt to use other functions on OS X
> until it appears officially.

OK.

>
> 3. Please notice that:
>
> /dev/random will block if you request more bits than entropy pool can
> provide.
>
> but (according to manual page) getentropy will return immediately
> with error if less than requested bytes of entropy is available and you
> can't request more than 256 bytes of entropy at once.
>
> it might require changes in uplevel logic.

Not much. I won't need much entropy.

Thanks
Max

>
> -Dmitry
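
Added example, not part of the original message or of the JDK change under discussion: a C sketch of the three points above, resolving getentropy from libc only (using the two library names mentioned in the thread), requesting at most 256 bytes per call, and treating an error return as a signal to fall back to /dev/random. The function names fill_entropy, resolve_getentropy and read_device are hypothetical, and the fallback policy is an assumption about the caller's logic.

```c
#include <dlfcn.h>
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

#define GETENTROPY_MAX 256  /* per-call limit quoted in the thread */
typedef int (*getentropy_fn)(void *, size_t);

/* Look the symbol up in libc only, not in the whole process image. */
static getentropy_fn resolve_getentropy(void) {
    static const char *const names[] = { "libc.so.6", "libc.so" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        void *h = dlopen(names[i], RTLD_LAZY);
        if (h == NULL) continue;
        getentropy_fn fn = NULL;
        *(void **)(&fn) = dlsym(h, "getentropy");  /* POSIX idiom for function pointers */
        if (fn != NULL) return fn;                 /* handle stays open while fn is in use */
        dlclose(h);
    }
    return NULL;
}

/* Fallback (assumed policy): read from a device, retrying on EINTR and short reads. */
static int read_device(const char *path, unsigned char *buf, size_t len) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    size_t off = 0;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0) off += (size_t)n;
        else if (n < 0 && errno == EINTR) continue;
        else break;
    }
    close(fd);
    return off == len ? 0 : -1;
}

/* Returns 0 when buf holds len random bytes, -1 otherwise. */
int fill_entropy(unsigned char *buf, size_t len) {
    getentropy_fn ge = resolve_getentropy();
    size_t off = 0;
    while (ge != NULL && off < len) {
        size_t chunk = len - off > GETENTROPY_MAX ? GETENTROPY_MAX : len - off;
        if (ge(buf + off, chunk) != 0) break;  /* error return: use the fallback for the rest */
        off += chunk;
    }
    return off == len ? 0 : read_device("/dev/random", buf + off, len - off);
}
```

On older glibc versions this needs to be linked with -ldl.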