[Midnightbsd-cvs] src [8047] trunk/lib/libc/stdlib: warn against using these for cryptographic purposes.

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Sep 15 16:58:47 EDT 2016 

Revision: 8047
          http://svnweb.midnightbsd.org/src/?rev=8047
Author:   laffer1
Date:     2016-09-15 16:58:47 -0400 (Thu, 15 Sep 2016)
Log Message:
-----------
warn against using these for cryptographic purposes.

Modified Paths:
--------------
    trunk/lib/libc/stdlib/rand.3
    trunk/lib/libc/stdlib/random.3

Modified: trunk/lib/libc/stdlib/rand.3
===================================================================
--- trunk/lib/libc/stdlib/rand.3	2016-09-15 20:58:03 UTC (rev 8046)
+++ trunk/lib/libc/stdlib/rand.3	2016-09-15 20:58:47 UTC (rev 8047)
@@ -32,7 +32,7 @@
 .\"     @(#)rand.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd October 6, 2010
+.Dd September 4, 2012
 .Dt RAND 3
 .Os
 .Sh NAME
@@ -55,9 +55,15 @@
 .Fn rand_r "unsigned *ctx"
 .Sh DESCRIPTION
 .Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 These interfaces are obsoleted by
 .Xr random 3 .
-.Ef
 .Pp
 The
 .Fn rand
@@ -88,9 +94,6 @@
 function initializes a seed using the
 .Xr random 4
 random number device which returns good random numbers.
-However, the
-.Fn rand
-function still remains unsuitable for cryptographic use.
 .Pp
 The
 .Fn rand_r
@@ -105,8 +108,6 @@
 .Xr random 3
 or
 .Xr lrand48 3 .
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .
 .Sh SEE ALSO
 .Xr arc4random 3 ,
 .Xr lrand48 3 ,

Modified: trunk/lib/libc/stdlib/random.3
===================================================================
--- trunk/lib/libc/stdlib/random.3	2016-09-15 20:58:03 UTC (rev 8046)
+++ trunk/lib/libc/stdlib/random.3	2016-09-15 20:58:47 UTC (rev 8047)
@@ -28,7 +28,7 @@
 .\"     @(#)random.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd June 4, 1993
+.Dd September 4, 2012
 .Dt RANDOM 3
 .Os
 .Sh NAME
@@ -53,6 +53,14 @@
 .Ft char *
 .Fn setstate "char *state"
 .Sh DESCRIPTION
+.Bf -symbolic
+The functions described in this manual page are not cryptographically
+secure.
+Cryptographic applications should use
+.Xr arc4random 3
+instead.
+.Ef
+.Pp
 The
 .Fn random
 function
@@ -98,10 +106,8 @@
 .Pp
 The
 .Fn srandomdev
-routine initializes a state array using the
-.Xr random 4
-random number device which returns good random numbers,
-suitable for cryptographic use.
+routine initializes a state array using data from
+.Xr random 4 .
 Note that this particular seeding
 procedure can generate states which are impossible to reproduce by
 calling
@@ -191,6 +197,3 @@
 random sequence did not vary much with the seed.
 The current implementation employs a better pseudo-random number
 generator for the initial state calculation.
-.Pp
-Applications requiring cryptographic quality randomness should use
-.Xr arc4random 3 .

More information about the Midnightbsd-cvs mailing list