File: [local] / src / share / man / man4 / random.4 (download)
Revision 1.36, Fri May 29 03:27:29 2020 UTC (4 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, HEAD
Changes since 1.35: +2 -5 lines
pointless referencing .h files in SYNOPSIS
|
.\" $OpenBSD: random.4,v 1.36 2020/05/29 03:27:29 deraadt Exp $
.\"
.\" Copyright (c) 1996, 1997 Michael Shalayeff
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 29 2020 $
.Dt RANDOM 4
.Os
.Sh NAME
.Nm random ,
.Nm urandom
.Nd random data source device
.Sh DESCRIPTION
The
.Nm urandom
device produces high quality pseudo-random output data without ever
blocking.
.Pp
Entropy data stored previously is provided to the kernel during the
boot sequence and used as inner-state of a stream cipher.
High quality data is available immediately upon kernel startup.
System activity (such as disk, network, and clock device interrupts),
and hardware random generator output is collected, whitened with a crc
and hash, then periodically folded together with stream cipher
inner-state and outer-state to create a new inner state.
Reads from all consumers (including the kernel itself, which makes many
requests per second) are sliced from the same output stream, which carves
the stream cipher output unpredictably and helps improve forward and
backtracking protection beyond the strength of the stream cipher.
.Pp
The
.Nm urandom
device is intended to be used in scripts.
In C programs, use the
.Xr arc4random 3
family of functions instead, which can be called in almost all
coding environments, including
.Xr pthreads 3 ,
.Xr chroot 2 ,
.Xr pledge 2 ,
and
.Xr unveil 2 ,
and which avoids accessing a filesystem device every time.
.Pp
For portability reasons, never use
.Pa /dev/random .
On
.Ox ,
it is an alias for
.Pa /dev/urandom ,
but on many other systems misbehaves by blocking because their
random number generators lack a robust boot-time initialization sequence.
.Sh FILES
.Bl -tag -width /dev/urandom -compact
.It Pa /dev/urandom
.El
.Sh SEE ALSO
.Xr arc4random 3 ,
.Xr amdpm 4 ,
.Xr glxsb 4 ,
.Xr pchb 4 ,
.Xr arc4random 9
.Sh HISTORY
A
.Nm
device first appeared in Linux in 1994.
The
.Nm random
and
.Nm urandom
devices have been available since
.Ox 2.0 .
![[BACK]](/icons/back.gif){kind=icon}
Return to random.4 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / man / man4