Content-Disposition: inline From: Evan_Hunt@isc.org X-Mailer: MIME-tools 5.508 (Entity 5.508) Message-ID: To: bind9-public@isc.org MIME-Version: 1.0 Subject: improve crypto-rand UI and clarify RNG use in general Date: Tue, 19 Sep 2017 20:06:08 +0000 X-RT-Interface: Web Content-Transfer-Encoding: binary Content-Type: text/plain; charset="utf-8" X-RT-Original-Encoding: utf-8 Content-Length: 911 As discussed in 31459: > 1) when built with --enable-crypto-rand, "crypto" is used instead of > "openssl" or "pkcs11" to indicate use of the crypto library random > number generator > 2) when built with --enable-crypto-rand, random-device defaults to "crypto" > 3) when overridden with -r or the random-device option, crypto-rand is > fully disabled, and a file source is used in its place. > 4) the uses of isc_random_get() that you noted as BAD should be updated > to isc_rng_random(), OR, isc_random_get() should be altered to be a > front-end for isc_rng_random(). > 5) improve comments and write some developer doc that does a better > job explaining how the RNG/PRNG functions interrelate The "BAD" uses of isc_random_get() were: - to initialize FNV hash name (BTW this is BAD) - client cookie nonce (BAD) - nsec3param salt (BAD) - rndc initial serial number of messages (BAD)