sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-19 02:50:25 +03:00
Code Issues Packages Projects Releases Wiki Activity

[rng] Add ANS X9.82 Approved Source of Entropy Input

Browse Source 
ANS X9.82 specifies several Approved Sources of Entropy Input (SEI).
One such SEI uses an entropy source as the Source of Entropy Input,
condensing each entropy source output after each GetEntropy call.
This can be implemented relatively cheaply in iPXE and avoids the need
to allocate potentially very large buffers.

(Note that the terms "entropy source" and "Source of Entropy Input"
are not synonyms within the context of ANS X9.82.)

Use the iPXE API mechanism to allow entropy sources to be selected at
compilation time.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2012-02-19 22:14:06 +00:00
parent c2668b61ea
commit 073f41085f
12 changed files with 410 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/drbg.c
View File

@@ -63,7 +63,7 @@ int drbg_instantiate ( struct drbg_state *state, const void *personal,
unsigned int entropy_bits = ( ( 3 * DRBG_SECURITY_STRENGTH + 1 ) / 2 );
size_t min_len = DRBG_MIN_ENTROPY_LEN_BYTES;
size_t max_len = DRBG_MAX_ENTROPY_LEN_BYTES;
uint8_t data[ entropy_bufsize ( entropy_bits, min_len, max_len ) ];
uint8_t data[max_len];
int len;
int rc;
@@ -175,7 +175,7 @@ int drbg_reseed ( struct drbg_state *state, const void *additional,
unsigned int entropy_bits = DRBG_SECURITY_STRENGTH;
size_t min_len = DRBG_MIN_ENTROPY_LEN_BYTES;
size_t max_len = DRBG_MAX_ENTROPY_LEN_BYTES;
uint8_t data[ entropy_bufsize ( entropy_bits, min_len, max_len ) ];
uint8_t data[max_len];
int len;
int rc;