Re: pgcrypto: implement gen_random_uuid - Mailing list pgsql-hackers

From Oskari Saarenmaa
Subject Re: pgcrypto: implement gen_random_uuid
Date
Msg-id 52D394B6.9010204@ohmu.fi
Whole thread Raw
In response to Re: pgcrypto: implement gen_random_uuid  (Wim Lewis <wiml@omnigroup.com>)
List pgsql-hackers
13.01.2014 04:35, Wim Lewis kirjoitti:
> One comment, this:
>
>>   /* get 128 random bits */
>>   int err = px_get_random_bytes(buf, 16);
>
> might be better to use px_get_pseudo_random_bytes(). UUIDs don't
> need to be unguessable or have perfect entropy; they just need to
> be collision-resistant. RFC4122 mentions this I think, and if you
> look at the ossp-uuid function that this is replacing, it also uses
> its internal PRNG for v4 UUIDs rather than strong high-entropy
> randomness.
>
> (The downside of requesting strong randomness when you don't need
> it is that it can potentially cause the server to block while the
> system gathers entropy.)

pgcrypto's px_get_pseudo_random_bytes is just a wrapper for 
px_get_random_bytes which itself calls system_reseed and 
fortuna_get_bytes.  system_reseed function tries to read from 
/dev/urandom, and only uses /dev/random if reading urandom fails, so it 
should never block on systems which have urandom.

That said, it may still make sense to use px_get_pseudo_random_bytes 
instead just in case it ever gets modified to do something lighter than 
px_get_random_bytes.

Thanks for the review,
Oskari




pgsql-hackers by date:

Previous
From: Rajeev rastogi
Date:
Subject: Re: Standalone synchronous master
Next
From: Pavel Stehule
Date:
Subject: Re: plpgsql.consistent_into