Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

When reading rand.Reader may result in error?

Tags:

random

go

Do I understand correctly that crypto/rand.Reader can return Read error only on platforms not listed below, i.e. when it is not actually implemented?

// Reader is a global, shared instance of a cryptographically
// strong pseudo-random generator.
//
// On Linux, Reader uses getrandom(2) if available, /dev/urandom otherwise.
// On OpenBSD, Reader uses getentropy(2).
// On other Unix-like systems, Reader reads from /dev/urandom.
// On Windows systems, Reader uses the CryptGenRandom API.
var Reader io.Reader
like image 842
kopiczko Avatar asked Jan 05 '23 12:01

kopiczko

1 Answers

TL;DR; crypto/rand's Read() (and Reader.Read()) methods may fail due to a variety of reasons, even on the platforms listed as supported. Do not assume that calls to this functions will always succeed. Always check the error return value.

Do I understand correctly that crypto/rand.Reader can return Read error only on platforms not listed below, i.e. when it is not actually implemented?

No. For example, have a look at the Linux implementation of rand.Reader. If available, this implementation will use the getrandom Linux system call, which may fail with a number of errors (most importantly, EAGAIN):

EAGAIN - The requested entropy was not available, and getrandom() would have blocked if the GRND_NONBLOCK flag was not set.

The EAGAIN error quite literally tells you to "try again later"; the official meaning according to man 3 errno is "Resource temporarily unavailable". So when receiving an EAGAIN error you could simply keep trying for a certain time.

If getrandom is not available, the crypto/rand module will try to open and read from /dev/urandom (see source code), which might also fail for any number of reasons. These errors might not necessarily be of temporary nature (for example, issues with file system permissions); if your application depends on the availability of random data, you should treat an error like any other kind of non-recoverable error in your application.

For these reasons, you should not assume that rand.Read() will always succeed on Linux/UNIX and always check rand.Read()'s error return value.

like image 194
helmbert Avatar answered Jan 13 '23 11:01

helmbert
Sign in to Comment

Related questions

Unexpected return of anonymous struct
Could not expire a cookie
JSON Response in Beego Controller
Having trouble with gzip.Reader in Golang
Given an executable can I determine values of GOOS and GOARCH used to build it?
In docker cpu usage calculation what are: TotalUsage, SystemUsage, PercpuUsage and what does the calculation means?
Strange behaviour of int inside a struct
Simultaneous variable assignment in Go different from individual variable assignment
Does Go (deep) copy keys when inserting into a map?
Go: passing argv to C function
Fetch value from net/context in Golang
Printing Empty Json as a result [duplicate]
Using Heroku Scheduler add-on with Golang app
Get arbitary request header value in golang fasthttp
Map in order range loop
go test coverprofile cannot find package
S3 objects not expiring using the Golang SDK
How to add headers info using Transport in golang net/http
How do I list the public methods of a package in golang [duplicate]
Microservices centralized database model

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!