randpool.dat (Was Re: [Dev] Profile directory changes landed,
location of __repository__ etc. changed)
Heikki Toivonen
heikki at osafoundation.org
Tue Feb 1 15:59:13 PST 2005
Grant Baillie wrote:
> On Jan 28, 2005, at 6:28 PM, Heikki Toivonen wrote:
>> randpool.dat is a small file containing some random bits that is needed
>> for crypto operations. Read on startup, written on exit. Normally it is
>> not a big deal if it cannot be read or written.
>
> On Mac OS/Linux, shouldn't we be using /dev/random (or /dev/urandom) for
> random bits?

We are. That's where OpenSSL gets entropy on systems that have
/dev/random, and on Windows it uses CryptoAPI. But stock systems that
don't have much uptime don't have that much entropy in them, so
adding a little from randpool.dat is just a backup.

One caveat: need to double check that loading the randpool.dat only adds
to the internal entropy pool and does not replace it.

--
Heikki Toivonen
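
An added example, not part of the original message or of Chandler's code: a Python sketch of the seed-file pattern described above (read on startup, written on exit, failures tolerated), using the standard `ssl` module's bindings to OpenSSL's RAND functions. The seed size, the zero entropy credit and the function names are assumptions.

```python
import os
import ssl
import tempfile

SEED_BYTES = 1024  # assumed seed-file size, not a value from the thread


def load_seed(path):
    """Mix a saved seed file into OpenSSL's pool. Returns bytes mixed in."""
    try:
        with open(path, "rb") as f:
            data = f.read(SEED_BYTES)
    except OSError:
        return 0  # missing or unreadable file is not fatal; OS entropy remains
    if data:
        # RAND_add mixes into the existing state. Credit 0 bits of entropy:
        # the file may be stale, copied, or readable by someone else.
        ssl.RAND_add(data, 0.0)
    return len(data)


def save_seed(path):
    """Write fresh generator output to the seed file. Returns True on success."""
    data = ssl.RAND_bytes(SEED_BYTES)
    directory = os.path.dirname(os.path.abspath(path))
    try:
        fd, tmp = tempfile.mkstemp(dir=directory)  # owner-only (0600) on POSIX
    except OSError:
        return False
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
        os.replace(tmp, path)  # atomic swap, never leaves a half-written seed
        return True
    except OSError:
        if os.path.exists(tmp):
            os.unlink(tmp)
        return False


def reload_changes_output(path):
    """Load the same seed twice; output differs if loading only adds to the pool."""
    load_seed(path)
    first = ssl.RAND_bytes(32)
    load_seed(path)
    second = ssl.RAND_bytes(32)
    return first != second


if __name__ == "__main__":
    seed = os.path.join(tempfile.mkdtemp(), "randpool.dat")  # constructed path
    print(load_seed(seed), save_seed(seed), reload_changes_output(seed))
```

Writing new generator output on exit, rather than keeping the old file, means the same seed bytes are not mixed in on every start.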