SecRandomCopyBytes有多好？ [英] How good is SecRandomCopyBytes?

问题描述

如果它与OS X实现不同，我主要对 iOS 上 SecRandomCopyBytes 的实现感兴趣。 （我认为它确实如此，因为移动设备比台式计算机拥有越来越多的现成熵源。）

I'm principally interested in the implementation of SecRandomCopyBytes on iOS, if it differs from the OS X implementation. (I would presume that it does, since a mobile device has more and more readily available sources of entropy than a desktop computer.)

有没有人有关于的信息：

Does anyone have information on:

1. SecRandomCopyBytes从哪里获得熵？


2. 它可以产生多少好的随机数？


3. 如果没有足够的熵可以阻止或立即失败吗？


4. 符合FIPS 140-2标准，还是已包含在任何其他官方认证中？

1. Where SecRandomCopyBytes gets entropy from?
2. What rate it can generate good random numbers?
3. Will it block, or fail immediately if not enough entropy is available?
4. Is it FIPS 140-2 compliant, or has it been included in any other official certification?

该文件未涵盖这些要点。

The documentation does not cover these points.

我是只有能够找到听到 - 说评论它使用来自无线电，指南针，加速度计和其他来源的信息，但实际上代表Apple的人没有引用。

I've only been able to find hear-say comments that it uses information from radios, the compass, accelerometers and other sources, but no quotes from people actually representing Apple.

推荐答案

/ dev / random由SecurityServer的熵提供。 SecurityServer从内核事件跟踪（kdebug）收集熵。该方法在Mac OS X Internals.A Systems Approach一书中有所描述。您可以在线阅读，例如在 http://flylib.com/books/en /3.126.1.73/1/

/dev/random is fed by entropy from the SecurityServer. SecurityServer collecting entropy from the kernel event tracking (kdebug). The method is described in the book "Mac OS X Internals. A Systems Approach". You can read about it online for example at http://flylib.com/books/en/3.126.1.73/1/

熵收集的源代码在这里： http://www.opensource.apple.com/source/securityd/securityd-40600/src/entropy.cpp

the source code for the entropy collecting is here: http://www.opensource.apple.com/source/securityd/securityd-40600/src/entropy.cpp

在xnu-1504.9.37（OS X编写的最新版本）中，内核熵缓冲区填入 kernel_debug_internal（） ，仅使用时间信息。这是熵缓冲区写入的唯一位置。

In xnu-1504.9.37 (latest version for OS X as of writing), the kernel entropy buffer is filled in kernel_debug_internal(), using only timing information. This is the only place that the entropy buffer is written to.

if (entropy_flag && (kdebug_enable & KDEBUG_ENABLE_ENTROPY)) {
    if (kd_entropy_indx < kd_entropy_count) {
        kd_entropy_buffer [ kd_entropy_indx] = mach_absolute_time();
        kd_entropy_indx++;
    }

    if (kd_entropy_indx == kd_entropy_count) {
        /*
         * Disable entropy collection
         */
        kdebug_enable &= ~KDEBUG_ENABLE_ENTROPY;
        kdebug_slowcheck &= ~SLOW_ENTROPY;
    }
}

这篇关于SecRandomCopyBytes有多好？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！