From owner-svn-src-all@FreeBSD.ORG Tue Sep 4 21:40:54 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 70715106566C; Tue, 4 Sep 2012 21:40:54 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 421888FC0A; Tue, 4 Sep 2012 21:40:54 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q84Lesnh023138; Tue, 4 Sep 2012 21:40:54 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q84Les2x023135; Tue, 4 Sep 2012 21:40:54 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201209042140.q84Les2x023135@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Tue, 4 Sep 2012 21:40:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r240107 - head/lib/libc/stdlib X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Sep 2012 21:40:55 -0000 Author: des Date: Tue Sep 4 21:40:53 2012 New Revision: 240107 URL: http://svn.freebsd.org/changeset/base/240107 Log: Add a prominent warning about these functions' unsuitability for cryptographic purposes, and recommend using arc4random(3) instead. Modified: head/lib/libc/stdlib/rand.3 head/lib/libc/stdlib/random.3 Modified: head/lib/libc/stdlib/rand.3 ============================================================================== --- head/lib/libc/stdlib/rand.3 Tue Sep 4 21:38:31 2012 (r240106) +++ head/lib/libc/stdlib/rand.3 Tue Sep 4 21:40:53 2012 (r240107) @@ -55,9 +55,15 @@ .Fn rand_r "unsigned *ctx" .Sh DESCRIPTION .Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp These interfaces are obsoleted by .Xr random 3 . -.Ef .Pp The .Fn rand @@ -88,9 +94,6 @@ The function initializes a seed using the .Xr random 4 random number device which returns good random numbers. -However, the -.Fn rand -function still remains unsuitable for cryptographic use. .Pp The .Fn rand_r @@ -105,8 +108,6 @@ For better generator quality, use .Xr random 3 or .Xr lrand48 3 . -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 . .Sh SEE ALSO .Xr arc4random 3 , .Xr lrand48 3 , Modified: head/lib/libc/stdlib/random.3 ============================================================================== --- head/lib/libc/stdlib/random.3 Tue Sep 4 21:38:31 2012 (r240106) +++ head/lib/libc/stdlib/random.3 Tue Sep 4 21:40:53 2012 (r240107) @@ -53,6 +53,14 @@ .Ft char * .Fn setstate "char *state" .Sh DESCRIPTION +.Bf -symbolic +The functions described in this manual page are not cryptographically +secure. +Cryptographic applications should use +.Xr arc4random 3 +instead. +.Ef +.Pp The .Fn random function @@ -98,10 +106,8 @@ as the seed. .Pp The .Fn srandomdev -routine initializes a state array using the -.Xr random 4 -random number device which returns good random numbers, -suitable for cryptographic use. +routine initializes a state array using data from +.Xr random 4 . Note that this particular seeding procedure can generate states which are impossible to reproduce by calling @@ -191,6 +197,3 @@ The historical implementation used to ha random sequence did not vary much with the seed. The current implementation employs a better pseudo-random number generator for the initial state calculation. -.Pp -Applications requiring cryptographic quality randomness should use -.Xr arc4random 3 .