Boost logo

Boost :

Subject: Re: [boost] Boost.Uuid and header-only support
From: Peter Dimov (lists_at_[hidden])
Date: 2017-11-04 15:40:02

Andrey Semashev wrote:

> The proposal to make Boost.Random header-only was rejected by Steven.

This sounds like essential context that might have been worth mentioning.

Steven is right that we're still dependent on Boost.System, this needs to be
solved somehow.

To get back to Uuid. The whole seed_rng file needs to be retired. It's only
an implementation detail of a primitive operation that returns N random
bytes. At the time seed_rng was written, there was no good way of obtaining
high quality randomness from the OS, but this is not the case today.

What the Uuid library needs, when generating a random UUID, is just an array
of random bytes; there's no need to create a random number generator, then
seed it. None at all. This is historical baggage.

And in my opinion, all the conceptification and templatization in James's PR
is completely unnecessary and just adds complexity. What we need is this:

namespace boost
    int get_random_bytes( void * buffer, size_t size ); // returns errno

This happens to match the Linux function with the same name but this is

The implementation of this function needs to

- read from /dev/urandom on POSIX
- use RtlGenRandom on Windows desktop
- use Bcrypt on Windows non-desktop

We have to decide where to put it though. Utility springs to mind as a first

Switching topics back to Boost.Random, I consider the use of the token to
select a cryptographic provider a bad practice. Even the POSIX path should
ignore the token. get_random_bytes is the way to go. But that's a separate

Boost list run by bdawes at, gregod at, cpdaniel at, john at