[Pkg-gnutls-maint] Bug#416717: libgcrypt11-doc: not happy with
documentation
Werner Koch
wk at gnupg.org
Fri Mar 30 09:51:46 UTC 2007
On Fri, 30 Mar 2007 01:43, jdorje at users.sf.net said:
> There is a one-line description of each function, but no description of how
> things actually work or are intended to be used.
You may want to write such docs and contribute them. In the meantime
GnuPG 2.0 is a good example on how to use Libgcrypt.
> * If I use gcry_randomize, do I need to use gcry_random_add_bytes within
> the same program?
No, it is just planned for adding addditional entropy:
Add BUFLEN bytes from BUF to the internal random pool. QUALITY
should be in the range of 0..100 to indicate the goodness of the
entropy added, or -1 for goodness not known.
Note, that this function currently does nothing.
> * If I use gcry_randomize too much and run out of entropy, what happens? Will
> it block? Or do I get sucky random numbers?
It will block. However this is only an issue if you request
GCRY_VERY_STRONG_RANDOM.
> * How much less random are the values returned by gcry_create_nonce? For
> what applications might I use them instead of gcry_randomize? And if
> gcry_randomize never blocks, why shouldn't I always use it?
A nonce is something different. Please read the the cryptographic
literature to learn what a nonce is.
> By testing a few things it appears as though gcry_randomize always accesses
> /dev/urandom for its entropy. Thus on my system it never blocks but may
The SVN trunk of random.c is much better commented; you might want to
read it.
Shalom-Salam,
Werner
More information about the Pkg-gnutls-maint
mailing list