Subject: Re: [boost] Boost.Uuid and header-only support
From: Peter Dimov (lists_at_[hidden])
Date: 2017-11-04 17:46:50
James E. King, III wrote:
> It would be safer to use Wincrypt on windows desktop for these reasons:
> 1. RtlGenRandom has no published interface...
> and may disappear at any time.
If it does, we'll deal with it.
> 2. Consumers who use their own Wincrypt provider for entropy would be
> broken by such a change.
First, there are no such consumers, and second, get_random_bytes has no way
to supply a "provider", by design.
> The token allows the POSIX implementation to use a different entropy
> provider device (other than /dev/urandom)...
I know. This is wrong and should never be used.
> or even a text file.
random_device is not the correct or portable way to use a text file as a
source of random numbers.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk