Prefer arc4random on Apple platforms #1544
Conversation
We swap from getentropy() to arc4random_buf on Apple platforms as Apple's documentation discourages its use. This also allows us to not have to use SecCopyRandomBytes which can fail. arc4random_buf() however never fails.
We don't have an iOS test platform; have you been able to test it there to confirm it builds?
I have tested it on tvOS, iOS, macOS m1. They all compile fine. Maybe we can use the file in https://github.com/leetal/ios-cmake to set up builds for the iOS / tvOS platforms? I'm assuming the licensing is fine. I can set that up in a different PR.
Thanks for the suggestion(s) and this PR to improve building on those platforms!
One concern, though:
> so we propose using arc4random_buf() as it can never fail.
Can you please link to documentation confirming that arc4random_buf is at least as secure as SecRandomCopyBytes? Something with "RC4" in its name doesn't create warm and fuzzy feelings about its security properties :-)
Otherwise the PR LGTM, particularly if you confirm
> tested it on tvOS, iOS, macOS m1. They all compile fine.
Ah the "RC4" name is from the old days, from the manpage
On the topic of being secure, from the manpage
It seems like the intent of Apple here is to provide a simple-to-use cryptographically secure random number generator that they will update as technology progresses.
I was worried about that too, but also found the passage that res0nance quoted saying that it's no longer specifically using RC4. So I think it's okay.
Sounds like a nice addition to avoid regression, too. Looking forward to the PR. Any chance to run the result in CI, too (in an emulator)?
On Apple platforms arc4random is always available and it never fails. This removes a possible failure mode of liboqs on Apple platforms with getentropy(). The man page for getentropy() on MacOSX also discourages its use. On iOS we currently use SecRandomCopyBytes(); this requires linking to the Security framework and the call can fail. We have run into issues with this call failing so we propose using arc4random_buf() as it can never fail.
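A platform-dispatching wrapper of the kind this PR argues for, written here as an added illustration rather than liboqs's own code: on Apple platforms it calls arc4random_buf(), which has no failure path, while elsewhere it falls back to getentropy(), which can fail and also rejects requests larger than 256 bytes, so the caller must check the result and chunk large requests. The function names fill_random and random_self_check are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#ifndef __APPLE__
#include <sys/random.h>   /* getentropy() on glibc >= 2.25 / musl */
#endif

/* Largest request getentropy() accepts per call; larger ones fail with EIO. */
#define GETENTROPY_MAX 256

/* Fill buf with len random bytes. Returns 0 on success, -1 on failure.
 * (fill_random is a hypothetical name chosen for this example.) */
int fill_random(uint8_t *buf, size_t len) {
#ifdef __APPLE__
    /* arc4random_buf() cannot fail, so there is no status to check. */
    arc4random_buf(buf, len);
    return 0;
#else
    size_t done = 0;
    while (done < len) {
        size_t chunk = len - done;
        if (chunk > GETENTROPY_MAX)
            chunk = GETENTROPY_MAX;
        if (getentropy(buf + done, chunk) != 0) {
            /* Real failure mode (e.g. ENOSYS on old kernels); never ignore it. */
            return -1;
        }
        done += chunk;
    }
    return 0;
#endif
}

/* Self-check: two independent draws of n bytes must both succeed and differ.
 * Returns 1 when the check passes, 0 otherwise. */
int random_self_check(size_t n) {
    uint8_t a[1024], b[1024];
    if (n > sizeof a)
        return 0;
    if (fill_random(a, n) != 0 || fill_random(b, n) != 0)
        return 0;
    return memcmp(a, b, n) != 0;
}
```

Requesting 1000 bytes exercises the chunking loop on the getentropy() path, which is exactly the case a single unchecked call would get wrong.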