authormarkm <markm@FreeBSD.org>2002-07-15 13:58:35 +0000
committermarkm <markm@FreeBSD.org>2002-07-15 13:58:35 +0000
commit2370535caa1ffd00e4480c7894e5e9381e52520d (patch)
treefb7e9c3d811aeb44859d7b6f68ad78e9fda5e601 /sys/dev/random/hash.h
parenta22b6ae7fb60a1cfcb9cbdfc8e6146d714f11589 (diff)
Upgrade the random device to use a "real" hash instead of building
one out of a block cipher. This has 2 advantages: 1) The code is _much_ simpler 2) We aren't committing our security to one algorithm (much as we may think we trust AES). While I'm here, make an explicit reseed do a slow reseed instead of a fast; this is in line with what the original paper suggested.
Diffstat (limited to 'sys/dev/random/hash.h')
-rw-r--r--sys/dev/random/hash.h8
1 files changed, 2 insertions, 6 deletions
diff --git a/sys/dev/random/hash.h b/sys/dev/random/hash.h
index 5a30821..b307bfc 100644
--- a/sys/dev/random/hash.h
+++ b/sys/dev/random/hash.h
@@ -26,14 +26,10 @@
* $FreeBSD$
*/
-#define KEYSIZE 32 /* in bytes - 32 bytes == 256 bits */
+#define KEYSIZE 32 /* (in bytes) 32 bytes == 256 bits */
struct yarrowhash { /* Big! Make static! */
- keyInstance hashkey; /* Data cycles through here */
- cipherInstance cipher; /* Rijndael internal */
- u_char hash[KEYSIZE]; /* Repeatedly encrypted */
- char accum[KEYSIZE]; /* Accumulate partial chunks */
- u_int partial; /* Keep track of < KEYSIZE chunks */
+ SHA256_CTX sha;
};
struct yarrowkey { /* Big! Make static! */
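Review bot: The new `sha` member of `struct yarrowhash` carries no comment, and nothing now ties `KEYSIZE` to the SHA-256 digest size, whereas the removed `u_char hash[KEYSIZE]` made the output length explicit. Code that finalises this context into a `KEYSIZE`-byte buffer (presumably in hash.c, not shown here) relies on `KEYSIZE` being exactly 32, so a later change to either value would over- or under-fill the key buffer. I would record that on the field, e.g. `SHA256_CTX sha; /* running SHA-256 state; its 32-byte digest must equal KEYSIZE */`. The retained "Big! Make static!" remark deserves a re-check now that the struct is a single hash context, and since that context holds pool-derived state, callers should clear it once the digest has been taken. `struct yarrowkey` begins on the last line of the hunk and continues outside it.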