mirror of https://github.com/mkerrisk/man-pages
random.4: Minor fixes
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
17ad768d41
commit
792bb5ad59
|
@ -37,8 +37,8 @@ The generator also keeps an estimate of the
|
||||||
number of bits of noise in the entropy pool.
|
number of bits of noise in the entropy pool.
|
||||||
From this entropy pool random numbers are created.
|
From this entropy pool random numbers are created.
|
||||||
.LP
|
.LP
|
||||||
When read, the \fI/dev/random\fP device will only return random bytes
|
When read, the \fI/dev/random\fP device will return random bytes
|
||||||
within the estimated number of bits of noise in the entropy
|
only within the estimated number of bits of noise in the entropy
|
||||||
pool.
|
pool.
|
||||||
\fI/dev/random\fP should be suitable for uses that need very
|
\fI/dev/random\fP should be suitable for uses that need very
|
||||||
high quality randomness such as one-time pad or key generation.
|
high quality randomness such as one-time pad or key generation.
|
||||||
|
@ -48,13 +48,13 @@ If
|
||||||
.BR open (2)
|
.BR open (2)
|
||||||
is called for
|
is called for
|
||||||
.I /dev/random
|
.I /dev/random
|
||||||
with flag
|
with the flag
|
||||||
.BR O_NONBLOCK ,
|
.BR O_NONBLOCK ,
|
||||||
a subsequent
|
a subsequent
|
||||||
.BR read (2)
|
.BR read (2)
|
||||||
will not block if the requested number of bytes is not available.
|
will not block if the requested number of bytes is not available.
|
||||||
Instead, the available bytes are returned.
|
Instead, the available bytes are returned.
|
||||||
If no byte is available
|
If no byte is available,
|
||||||
.BR read (2)
|
.BR read (2)
|
||||||
will return -1 and
|
will return -1 and
|
||||||
.I errno
|
.I errno
|
||||||
|
@ -77,8 +77,8 @@ has no effect when opening
|
||||||
.IR /dev/urandom .
|
.IR /dev/urandom .
|
||||||
When calling
|
When calling
|
||||||
.BR read (2)
|
.BR read (2)
|
||||||
for device
|
for the device
|
||||||
.I /dev/urandom
|
.IR /dev/urandom ,
|
||||||
signals will not be handled until after the requested random bytes
|
signals will not be handled until after the requested random bytes
|
||||||
have been generated.
|
have been generated.
|
||||||
.LP
|
.LP
|
||||||
|
@ -127,8 +127,8 @@ The amount of seed material required to generate a cryptographic key
|
||||||
equals the effective key size of the key.
|
equals the effective key size of the key.
|
||||||
For example, a 3072-bit RSA
|
For example, a 3072-bit RSA
|
||||||
or Diffie-Hellman private key has an effective key size of 128 bits
|
or Diffie-Hellman private key has an effective key size of 128 bits
|
||||||
(it requires about 2^128 operations to break) so a key generator only
|
(it requires about 2^128 operations to break) so a key generator
|
||||||
needs 128 bits (16 bytes) of seed material from
|
needs only 128 bits (16 bytes) of seed material from
|
||||||
.IR /dev/random .
|
.IR /dev/random .
|
||||||
|
|
||||||
While some safety margin above that minimum is reasonable, as a guard
|
While some safety margin above that minimum is reasonable, as a guard
|
||||||
|
|
Loading…
Reference in New Issue