• Stephan Mueller's avatar
    crypto: drbg - use Jitter RNG to obtain seed · b8ec5ba4
    Stephan Mueller authored
    During initialization, the DRBG now tries to allocate a handle of the
    Jitter RNG. If such a Jitter RNG is available during seeding, the DRBG
    pulls the required entropy/nonce string from get_random_bytes and
    concatenates it with a string of equal size from the Jitter RNG. That
    combined string is now the seed for the DRBG.
    
    Written differently, the initial seed of the DRBG is now:
    
    get_random_bytes(entropy/nonce) || jitterentropy (entropy/nonce)
    
    If the Jitter RNG is not available, the DRBG only seeds from
    get_random_bytes.
    
    CC: Andreas Steffen <andreas.steffen@strongswan.org>
    CC: Theodore Ts'o <tytso@mit.edu>
    CC: Sandy Harris <sandyinchina@gmail.com>
    Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    b8ec5ba4
drbg.c 55.3 KB