Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use /dev/random or urandom in C?

Tags:

c

linux

random

I want to use /dev/random or /dev/urandom in C. How can I do it? I don't know how can I handle them in C, if someone knows please tell me how. Thank you.

like image 484
stojance Avatar asked Apr 03 '10 19:04

stojance


People also ask

What is the difference between Dev random and Dev urandom?

'Urandom' is used where there is constant need of random numbers and its randomness is not much important while 'random' is used where there is a security concern and its randomness should be reliable as it blocks outputting random numbers if entropy is not up to the mark.

How do I get a random number from Dev urandom?

You can use /dev/urandom to generate pseudo-random numbers on the command line like this. Commands like this that pull data from /dev/urandom and use od to process it can generate nearly random numbers. Run the same command numerous times and you'll see that you get a range of numbers.

Is Dev urandom random?

/dev/urandom and /dev/random use the same random number generator. They both are seeded by the same entropy pool. They both will give an equally random number of an arbitrary size. They both can give an infinite amount of random numbers with only a 256 bit seed.

What does Dev urandom do?

When read, the /dev/urandom device returns random bytes using a pseudorandom number generator seeded from the entropy pool. Reads from this device do not block (i.e., the CPU is not yielded), but can incur an appreciable delay when requesting large amounts of data.


1 Answers

In general, it's a better idea to avoid opening files to get random data, because of how many points of failure there are in the procedure.

On recent Linux distributions, the getrandom system call can be used to get crypto-secure random numbers, and it cannot fail if GRND_RANDOM is not specified as a flag and the read amount is at most 256 bytes.

As of October 2017, OpenBSD, Darwin and Linux (with -lbsd) now all have an implementation of arc4random that is crypto-secure and that cannot fail. That makes it a very attractive option:

char myRandomData[50]; arc4random_buf(myRandomData, sizeof myRandomData); // done! 

Otherwise, you can use the random devices as if they were files. You read from them and you get random data. I'm using open/read here, but fopen/fread would work just as well.

int randomData = open("/dev/urandom", O_RDONLY); if (randomData < 0) {     // something went wrong } else {     char myRandomData[50];     ssize_t result = read(randomData, myRandomData, sizeof myRandomData);     if (result < 0)     {         // something went wrong     } } 

You may read many more random bytes before closing the file descriptor. /dev/urandom never blocks and always fills in as many bytes as you've requested, unless the system call is interrupted by a signal. It is considered cryptographically secure and should be your go-to random device.

/dev/random is more finicky. On most platforms, it can return fewer bytes than you've asked for and it can block if not enough bytes are available. This makes the error handling story more complex:

int randomData = open("/dev/random", O_RDONLY); if (randomData < 0) {     // something went wrong } else {     char myRandomData[50];     size_t randomDataLen = 0;     while (randomDataLen < sizeof myRandomData)     {         ssize_t result = read(randomData, myRandomData + randomDataLen, (sizeof myRandomData) - randomDataLen);         if (result < 0)         {             // something went wrong         }         randomDataLen += result;     }     close(randomData); } 
like image 97
zneak Avatar answered Sep 20 '22 03:09

zneak