Re: [U-Boot] [PATCH v4 1/3] lib: add rand() function
Dear Michael Walle,
please keep the ML on Cc: - thanks.
In message 201205112249.27871.michael@walle.cc you wrote:
+static unsigned int y = 2463534242U;
Hm... can we introduce at least a little entropy somewhere?
Mh? A user is supposed to seed via srand().
Then why initialize y at all?
To have a sane fallback. Maybe i should have written "A user is supposed to seed via srand() if he wan't some entropy."
This is inconsequent. Either we assume that the user will seed srand(), then y should not be initialized at all, so it goes to the BSS segment and does not waste space in the binary image. Or we want to deal with cases where the user doesn call srand(), and then we should provide a bit better than such a static initialization.
Best regards,
Wolfgang Denk
please keep the ML on Cc: - thanks.
sorry wrong key
In message 201205112249.27871.michael@walle.cc you wrote:
+static unsigned int y = 2463534242U;
Hm... can we introduce at least a little entropy somewhere?
Mh? A user is supposed to seed via srand().
Then why initialize y at all?
To have a sane fallback. Maybe i should have written
"A user is supposed to seed via srand() if he wan't some
entropy."
This is inconsequent. Either we assume that the user will seed srand(), then y should not be initialized at all, so it goes to the BSS segment and does not waste space in the binary image. Or we want to deal with cases where the user doesn call srand(), and then we should provide a bit better than such a static initialization.
Again, i wanted to stick with the regular rand() srand() semantics.
http://pubs.opengroup.org/onlinepubs/009695399/functions/rand.html "If rand() is called before any calls to srand() are made, the same sequence shall be generated as when srand() is first called with a seed value of 1."
But i'm fine with removing the initialization.
Dear Michael Walle,
In message 201205112320.15462.michael@walle.cc you wrote:
This is inconsequent. Either we assume that the user will seed srand(), then y should not be initialized at all, so it goes to the BSS segment and does not waste space in the binary image. Or we want to deal with cases where the user doesn call srand(), and then we should provide a bit better than such a static initialization.
Again, i wanted to stick with the regular rand() srand() semantics.
http://pubs.opengroup.org/onlinepubs/009695399/functions/rand.html "If rand() is called before any calls to srand() are made, the same sequence shall be generated as when srand() is first called with a seed value of 1."
Good point.
But then y should be initialized as 1 ?
Best regards,
Wolfgang Denk
Am Freitag 11 Mai 2012, 23:29:47 schrieb Wolfgang Denk:
Dear Michael Walle,
In message 201205112320.15462.michael@walle.cc you wrote:
This is inconsequent. Either we assume that the user will seed srand(), then y should not be initialized at all, so it goes to the BSS segment and does not waste space in the binary image. Or we want to deal with cases where the user doesn call srand(), and then we should provide a bit better than such a static initialization.
Again, i wanted to stick with the regular rand() srand() semantics.
http://pubs.opengroup.org/onlinepubs/009695399/functions/rand.html "If rand() is called before any calls to srand() are made, the same sequence shall be generated as when srand() is first called with a seed value of 1."
Good point.
But then y should be initialized as 1 ?
I'm no crypto expert, so i sticked with the values/examples from the cited paper. But i guess it shouldn't make any difference, i'll change it to 1.
participants (2)
-
Michael Walle -
Wolfgang Denk