shrub/README.md

43 lines
1.6 KiB
Markdown
Raw Normal View History

2018-12-27 22:43:48 +03:00
libent is a cross-platform wrapper around `getentropy(2)`. It exports
2018-12-31 20:19:28 +03:00
one symbol, `ent_getentropy`. If `getentropy` is available, then it's
just a macro that expands to that. Otherwise, it uses `getrandom(2)`
(available since kernel 3.17) on Linux, or `/dev/urandom` on other
\*nix.
### Building
It uses meson. `meson ./build && ninja -C build` should do the trick.
#### Build options
It has one option, `support-older-oses`, which tells it to be
conservative. On Linux, this means using `getrandom` directly; on other
\*nix, it means opening `/dev/urandom`. This may make sense if you want
your binaries to run on older versions of the same OS. If your program
is mostly built from source, don't bother.
2018-12-27 23:17:10 +03:00
### Why?
`getentropy` is the wave of the future. It's the correct API for
generating small amounts of entropy to create cryptographic keys or seed
2018-12-31 20:19:28 +03:00
PRNGs. It's good and reasonable and true, it's on Linux, \*BSD, and OS
X, and it only took us fifty years of UNIX to get here.
2018-12-27 23:17:10 +03:00
Sadly, it only just arrived, so nobody has it yet. It didn't land in
Linux until glibc 2.25, which seems to only have made it into Debian 10.
Once `getentropy` is everywhere you care about, you can just do a
2018-12-31 20:19:28 +03:00
s/ent\_//g on all the call sites and discard this shim.
This project began because [Urbit](https://github.com/urbit/urbit)'s
entropy-generation function was bothering me. Then it got out of hand.
### What about Windows?
I'm happy to receive donations or pull requests.
2018-12-27 23:17:10 +03:00
2018-12-31 20:19:28 +03:00
### References
2018-12-27 22:43:48 +03:00
* [OpenBSD getentropy](https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2)
* [djb on entropy gathering](https://blog.cr.yp.to/20140205-entropy.html)