From: akr@...
Date: 2014-02-27T02:18:55+00:00
Subject: [ruby-core:61114] [ruby-trunk - Feature #9569] SecureRandom should try /dev/urandom first

Issue #9569 has been updated by Akira Tanaka.


I said "/dev/urandom usage in securerandom.rb is not a good way." already.
It means securerandom.rb will consume too much entoropy if /dev/urandom is used directry.

It is not a big problem because most users use OpenSSL.
Also, we can say "Please install OpenSSL" if someone complain about the entoropy consumption.

Your proposal breaks this strategy.


----------------------------------------
Feature #9569: SecureRandom should try /dev/urandom first
https://bugs.ruby-lang.org/issues/9569#change-45498

* Author: Corey Csuhta
* Status: Rejected
* Priority: Normal
* Assignee: 
* Category: lib
* Target version: current: 2.2.0
----------------------------------------
Right now, `SecureRandom.random_bytes` tries to detect an OpenSSL to use before it tries to detect `/dev/urandom`. I think it should be the other way around. In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and [second point of failure](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)) and just talk to `/dev/urandom` directly if it's available.

Is this a case of just re-ordering the two code chunks so that `/dev/urandom` is tried first?

Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90



-- 
http://bugs.ruby-lang.org/