Use /dev/urandom as the OSRandomSource on OS(DARWIN)
Created attachment 82115
Patch
arc4random itself on Mac OS X seeds from /dev/random rather than /dev/urandom. On Mac OS X and FreeBSD the two are equivalent, but on Linux platforms /dev/random contains strictly more entropy than /dev/urandom, with the latter not being recommended for certain long-term cryptographic purposes. Is there a particular reason why the code uses /dev/random rather than /dev/urandom?
> arc4random itself on Mac OS X seeds from /dev/random rather than /dev/urandom.

Does it?

http://www.opensource.apple.com/source/Libc/Libc-391.2.7/gen/arc4random.c says:

fd = open("/dev/urandom", O_RDONLY, 0);

Perhaps that code is out of date?

In either case, my understanding is that this statement from Wikipedia is accurate:

[[
A counterpart to /dev/random is /dev/urandom ("unlocked"/non-blocking random source[4]) which reuses the internal pool to produce more pseudo-random bits. This means that the call will not block, but the output may contain less entropy than the corresponding read from /dev/random. While it is still intended as a pseudorandom number generator suitable for most cryptographic purposes, it is not recommended for the generation of long-term cryptographic keys.
]]

For our purposes, the non-blocking nature of /dev/urandom is helpful (otherwise the browser will hang). We're already re-using our entropy pool with RC4, so the net result is essentially the same.
(In reply to comment #3)
> > arc4random itself on Mac OS X seeds from /dev/random rather than /dev/urandom.
>
> Does it?
>
> http://www.opensource.apple.com/source/Libc/Libc-391.2.7/gen/arc4random.c says:
>
> fd = open("/dev/urandom", O_RDONLY, 0);
>
> Perhaps that code is out of date?

That code is certainly out of date. Libc-391.2.7 looks to come from Mac OS X 10.4.x. The version I was looking at is basically identical to what’s in current FreeBSD (<http://svn.freebsd.org/base/head/lib/libc/gen/arc4random.c>).

(In reply to comment #4)
> For our purposes, the non-blocking nature of /dev/urandom is helpful (otherwise the browser will hang). We're already re-using our entropy pool with RC4, so the net result is essentially the same.

If you’re convinced it’s good enough then that’s fine with me. It obviously makes no difference on Mac OS X which we use as both /dev/urandom and /dev/random are backed by the same device.
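Added example, not part of the bug thread or the WebKit patch: one way to read seed bytes from /dev/urandom, the non-blocking source discussed above, while handling interrupted and short reads and failing closed. The function name `os_random_bytes` is an assumption made for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (name is an assumption): fill buf with len bytes
 * from /dev/urandom. Returns 0 on success, -1 on any failure; a caller
 * should treat -1 as fatal rather than fall back to a weaker source. */
int os_random_bytes(unsigned char *buf, size_t len)
{
    struct stat st;
    size_t filled = 0;
    int fd;

    do {    /* retry open() if a signal interrupts it */
        fd = open("/dev/urandom", O_RDONLY);
    } while (fd < 0 && errno == EINTR);
    if (fd < 0)
        return -1;

    /* Keep the descriptor out of child processes, and refuse anything
     * that is not a character device (e.g. a regular file at that path). */
    if (fcntl(fd, F_SETFD, FD_CLOEXEC) != 0 ||
        fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
        close(fd);
        return -1;
    }

    while (filled < len) {
        ssize_t n = read(fd, buf + filled, len - filled);
        if (n > 0) {
            filled += (size_t)n;        /* short read: keep going */
        } else if (n < 0 && errno == EINTR) {
            continue;                   /* interrupted: retry */
        } else {
            close(fd);                  /* EOF or hard error: fail closed */
            return -1;
        }
    }
    close(fd);
    return 0;
}
```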
The commit-queue encountered the following flaky tests while processing attachment 82115:

http/tests/websocket/tests/handshake-challenge-randomness.html bug 53738 (author: abarth@webkit.org)

The commit-queue is continuing to process your patch.

Comment on attachment 82115
Patch

Clearing flags on attachment: 82115

Committed r78421: <http://trac.webkit.org/changeset/78421>
All reviewed patches have been landed. Closing bug.
The commit-queue encountered the following flaky tests while processing attachment 82115:

http/tests/websocket/tests/multiple-connections.html bug 53825 (author: abarth@webkit.org)

The commit-queue is continuing to process your patch.