[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cryptokit.Random unsuitable in cooperative multithreaded systems

Cryptokit.Random.secure_rng might use /dev/random for entropy
generation which might block if there isn't enough available entropy.
My local machine never seems to have low entropy with

$ cat /proc/sys/kernel/random/

but ocaml-www2 says

$ cat /proc/sys/kernel/random/entropy_avail

There are only a handful of Unix calls in the library...

Additionally, Vincent Bernardoff appears to have forked Cryptokit with
the unmerged addition of SHA-512 <https://github.com/vbmithr/cryptokit-sha512>.

What's the status of this library? Is it part of Mirage? Are we
forking it? Is it maintained?

I'm using Random for now as it doesn't really matter to have secure
RNG for ocamlot.





Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.