shrub/README.md
2018-12-31 17:19:28 +00:00

1.6 KiB

libent is a cross-platform wrapper around getentropy(2). It exports one symbol, ent_getentropy. If getentropy is available, then it's just a macro that expands to that. Otherwise, it uses getrandom(2) (available since kernel 3.17) on Linux, or /dev/urandom on other *nix.

Building

It uses meson. meson ./build && ninja -C build should do the trick.

Build options

It has one option, support-older-oses, which tells it to be conservative. On Linux, this means using getrandom directly; on other *nix, it means opening /dev/urandom. This may make sense if you want your binaries to run on older versions of the same OS. If your program is mostly built from source, don't bother.

Why?

getentropy is the wave of the future. It's the correct API for generating small amounts of entropy to create cryptographic keys or seed PRNGs. It's good and reasonable and true, it's on Linux, *BSD, and OS X, and it only took us fifty years of UNIX to get here.

Sadly, it only just arrived, so nobody has it yet. It didn't land in Linux until glibc 2.25, which seems to only have made it into Debian 10.

Once getentropy is everywhere you care about, you can just do a s/ent_//g on all the call sites and discard this shim.

This project began because Urbit's entropy-generation function was bothering me. Then it got out of hand.

What about Windows?

I'm happy to receive donations or pull requests.

References