如何在 C 中使用/dev/random 或 urandom? [英] How to use /dev/random or urandom in C?

问题描述

我想在 C 中使用 /dev/random 或 /dev/urandom.我该怎么做?我不知道如何在 C 中处理它们，如果有人知道请告诉我如何处理.谢谢你.

I want to use /dev/random or /dev/urandom in C. How can I do it? I don't know how can I handle them in C, if someone knows please tell me how. Thank you.

推荐答案

一般来说，最好避免打开文件来获取随机数据，因为程序中有很多故障点.

In general, it's a better idea to avoid opening files to get random data, because of how many points of failure there are in the procedure.

在最近的 Linux 发行版中，getrandom 系统调用可用于获取加密安全的随机数，并且不会失败 如果 GRND_RANDOM not 被指定为标志读取量最大为256字节.

On recent Linux distributions, the getrandom system call can be used to get crypto-secure random numbers, and it cannot fail if GRND_RANDOM is not specified as a flag and the read amount is at most 256 bytes.

截至 2017 年 10 月，OpenBSD、Darwin 和 Linux(带有 -lbsd)现在都实现了 arc4random 是加密安全的，不会失败.这使它成为一个非常有吸引力的选择:

As of October 2017, OpenBSD, Darwin and Linux (with -lbsd) now all have an implementation of arc4random that is crypto-secure and that cannot fail. That makes it a very attractive option:

char myRandomData[50];
arc4random_buf(myRandomData, sizeof myRandomData); // done!

否则，您可以像使用文件一样使用随机设备.您从它们中读取并获得随机数据.我在这里使用 open/read，但 fopen/fread 也能正常工作.

Otherwise, you can use the random devices as if they were files. You read from them and you get random data. I'm using open/read here, but fopen/fread would work just as well.

int randomData = open("/dev/urandom", O_RDONLY);
if (randomData < 0)
{
    // something went wrong
}
else
{
    char myRandomData[50];
    ssize_t result = read(randomData, myRandomData, sizeof myRandomData);
    if (result < 0)
    {
        // something went wrong
    }
}

在关闭文件描述符之前，您可以读取更多的随机字节./dev/urandom 永远不会阻塞，并且总是按照您的要求填充尽可能多的字节，除非系统调用被信号中断.它被认为是加密安全的，应该是您的首选随机设备.

You may read many more random bytes before closing the file descriptor. /dev/urandom never blocks and always fills in as many bytes as you've requested, unless the system call is interrupted by a signal. It is considered cryptographically secure and should be your go-to random device.

/dev/random 更挑剔.在大多数平台上，它可以返回比您要求的更少的字节，并且如果没有足够的可用字节，它会阻塞.这使得错误处理的故事更加复杂:

/dev/random is more finicky. On most platforms, it can return fewer bytes than you've asked for and it can block if not enough bytes are available. This makes the error handling story more complex:

int randomData = open("/dev/random", O_RDONLY);
if (randomData < 0)
{
    // something went wrong
}
else
{
    char myRandomData[50];
    size_t randomDataLen = 0;
    while (randomDataLen < sizeof myRandomData)
    {
        ssize_t result = read(randomData, myRandomData + randomDataLen, (sizeof myRandomData) - randomDataLen);
        if (result < 0)
        {
            // something went wrong
        }
        randomDataLen += result;
    }
    close(randomData);
}

这篇关于如何在 C 中使用/dev/random 或 urandom?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！