diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-29 21:39:13 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-29 21:39:13 -0600 |
| commit | 9967bc5c378ea2e72cc6c034e22bca6588ca2f29 (patch) | |
| tree | 1d2c215c0b7b49ba94b7df370f84cfa18eb1c951 /docs | |
| parent | 136ff17aceac8b61cd1c3f12774c3d1f9cf6742a (diff) | |
| download | cryptography-9967bc5c378ea2e72cc6c034e22bca6588ca2f29.tar.gz cryptography-9967bc5c378ea2e72cc6c034e22bca6588ca2f29.tar.bz2 cryptography-9967bc5c378ea2e72cc6c034e22bca6588ca2f29.zip | |
add a little info about the various system randoms. maybe useful?
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/hazmat/backends/openssl.rst | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/hazmat/backends/openssl.rst b/docs/hazmat/backends/openssl.rst index 17d01ca8..16519d18 100644 --- a/docs/hazmat/backends/openssl.rst +++ b/docs/hazmat/backends/openssl.rst @@ -46,6 +46,18 @@ added to the engine list but **not activated** if you only import the binding. If you wish to deactivate it call ``unregister_osrandom_engine()`` on the backend object. +OS Random Sources +---------------------------- + +On OS X and FreeBSD ``/dev/urandom`` is an alias for ``/dev/random`` and +utilizes the `Yarrow`_ algorithm. + +On Windows ``CryptGenRandom`` is backed by `Fortuna`_. + +Linux uses its own PRNG design. ``/dev/urandom`` is a non-blocking source seeded +from the ``/dev/random`` pool. + + .. _`OpenSSL`: https://www.openssl.org/ .. _`initializing the RNG`: http://en.wikipedia.org/wiki/OpenSSL#Vulnerability_in_the_Debian_implementation .. _`Yarrow`: http://en.wikipedia.org/wiki/Yarrow_algorithm |