Comments (6)
I think glibc
did not have getrandom()
when I started this. However I agree that seeding from system time is a bad idea. ;)
Wondering whether or not we should call getrandom()
with GRND_RANDOM
... If we do we have to make sure we get enough bytes and/or do not block.
from mkinitcpio-ykfde.
I have not been happy either. ;)
Have a look at 25d3aaf, that should be fine for anybody.
from mkinitcpio-ykfde.
Just pushed c33a043, which uses getrandom()
to seed.
I thought about filling the challenge with getrandom()
, but I would like to keep printable characters in the challenge.
So are you happy with this?
from mkinitcpio-ykfde.
Hi! thanks for looking at this. Sorry about the quite cold writing at the top, I was tired then.
I was thinking about something along the lines of removing rand() completely. Getting "randomness" from /dev/urandom is more than enough and cryptographically secure.
If the urandom source has been initialized, reads of up to 256 bytes will always return as many bytes as requested and will not be interrupted by signals.
If the urandom source has not yet been initialized, then getrandom() will block.
So this means that we are good to go to generate ints. You don't need to pass any flag to getrandom, use 0
.
Sorry that my C is very rusted (about 15years rusted), so I can't write the code. For C++11, it's as easy as: https://en.cppreference.com/w/cpp/numeric/random/uniform_int_distribution
For C, I couldn't find an example with getrandom so I guess I have to take your solution, but I would use 0
as flag and sizeof(unsigned int)
instead of hardcoded 4
. Maybe you can get the idea with my python code (based on other's) to generate random ints from a random buffer: randbelow() which uses randint().
Cheers!
from mkinitcpio-ykfde.
Feel free to comment on closed issue...
Are you happy with this change?
from mkinitcpio-ykfde.
Yeah, much better :)
Thanks for the effort!
from mkinitcpio-ykfde.
Related Issues (20)
- ykfde results in error: Failed opening challenge file for reading: No such file or directory HOT 1
- [idea] Use second factor as challenge HOT 4
- [Arch Linux] [Bug] Unable to build or run mkinitcpio after updating json-c package HOT 6
- Seg fault HOT 6
- Current master segfaults in ykfde.c HOT 3
- gcc 8: error: 'strncpy' specified bound 108 equals destination size [-Werror=stringop-truncation] HOT 4
- Can not Find /etc/crypttab.initramfs Antergos HOT 1
- ykfde.service not available during boot - Fedora 30 HOT 4
- /usr/lib/udev/ykfde helper executed before filesystem device is ready
- Works with RHEL8? HOT 17
- ykfde-worker failed to start HOT 5
- Fails to build from aur HOT 4
- initramfs bad magic HOT 1
- Is it possible to (re)enable numlock for entering the PIN? HOT 1
- Grub initrd injection doesn't work on Fedora HOT 2
- Could not update passphrase for key slot n.
- Feature request: BIO support HOT 3
- feat: commandline calculate key HOT 1
- How to add /boot/ykfde-challenges.img to mkinitcpio UKI? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mkinitcpio-ykfde.