[Mono-devel-list] /dev/random replacement?

Sébastien Pouliot spouliot at videotron.ca
Mon Dec 15 16:44:27 EST 2003


Bernie,

The daemon based approach is a much better way to gather entropy than you
could never achieve with a library. I wonder if HP/UX doesn't have it's own
mechanism, like most OS, to gather random.

Anyway before (the recent) runtime update Mono had the same problem under
Windows - the lack of /dev/[u]random. The .NET cryptography is easy to
extend using the CryptoConfig class and the machine.config file. The
configuration setup is detailled at the following link:
http://cvs.hispalinux.es/cgi-bin/cvsweb/~checkout~/mcs/class/Mono.Security.W
in32/README?rev=1.1&content-type=text/plain&cvsroot=mono

Also look into
/mcs/class/Mono.Security.Win32/Mono.Security.Cryptography/RNGCryptoServicePr
ovider.cs for the class implementation. You should be able to just "plug-in"
your own random source.

Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com
work: spouliot at motus.com
home: spouliot at videotron.ca
blog: http://pages.infinit.net/ctech/poupou.html


-----Original Message-----
From: mono-devel-list-admin at lists.ximian.com
[mailto:mono-devel-list-admin at lists.ximian.com]On Behalf Of Bernie
Solomon
Sent: 15 décembre 2003 16:27
To: mono-devel-list at lists.ximian.com
Subject: [Mono-devel-list] /dev/random replacement?



In my work on HPUX I have now got to the stage where the lack of /dev/random
is a problem because System.Web.SessionState.SessionId uses the crypto
random number generator which relies on this device which this version of
HPUX does not have (11.00). I'm wondering what the best way of handling this
is. There seem to be various daemons available (egd & prngd are a couple
I've found) but ideally I'd like something that doesn't need a daemon set up
on a machine at all (i.e. just library based). I realize this may not
necessarily be fully cryptographically secure but for my use something that
works in practice is good enough for me. Or maybe this needs to be some sort
of configure option as to how secure you want things.

I'm not an expert in this so was wondering if anyone had recommendations on
what to do. I'll do the necessary implementation if I can.

Thanks

Bernie Solomon

_______________________________________________
Mono-devel-list mailing list
Mono-devel-list at lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list




More information about the Mono-devel-list mailing list