author | markm <markm@FreeBSD.org> | 2002-07-15 13:58:35 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2002-07-15 13:58:35 +0000 |
commit | 2370535caa1ffd00e4480c7894e5e9381e52520d | |
tree | fb7e9c3d811aeb44859d7b6f68ad78e9fda5e601 /sys/dev/random/yarrow.c | |
parent | a22b6ae7fb60a1cfcb9cbdfc8e6146d714f11589 | |
Upgrade the random device to use a "real" hash instead of building
one out of a block cipher. This has 2 advantages:
1) The code is _much_ simpler
2) We aren't committing our security to one algorithm (much as we
may think we trust AES).
While I'm here, make an explicit reseed do a slow reseed instead
of a fast; this is in line with what the original paper suggested.
Diffstat (limited to 'sys/dev/random/yarrow.c')
-rw-r--r-- | sys/dev/random/yarrow.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/sys/dev/random/yarrow.c b/sys/dev/random/yarrow.c index dd79c34..9407892 100644 --- a/sys/dev/random/yarrow.c +++ b/sys/dev/random/yarrow.c @@ -35,6 +35,7 @@ #include <sys/sysctl.h> #include <crypto/rijndael/rijndael.h> +#include <crypto/sha2/sha2.h> #include <dev/random/hash.h> #include <dev/random/randomdev.h> @@ -249,9 +250,7 @@ reseed(u_int fastslow) random_unblock(); } -/* Internal function to do return processed entropy from the - * Yarrow PRNG - */ +/* Internal function to return processed entropy from the PRNG */ int read_random_real(void *buf, int count) { @@ -343,5 +342,5 @@ generator_gate(void) void random_reseed(void) { - reseed(FAST); + reseed(SLOW); } |
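Review bot: In the include hunk (@@ -35,6 +35,7 @@), `#include <crypto/rijndael/rijndael.h>` is kept next to the new `#include <crypto/sha2/sha2.h>`, although the commit message says the hash is no longer built out of a block cipher. The diffstat is limited to yarrow.c, so it is not visible here whether this file still calls Rijndael directly. If it does, a short comment on the include saying what the cipher is still used for would keep the split between hash and cipher clear; if it does not, drop the include in the same change so the file's dependencies match the stated design.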
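Review bot: In the last hunk (@@ -343,5 +342,5 @@), `random_reseed()` changes from `reseed(FAST)` to `reseed(SLOW)` with no comment at the function, so the reason (an explicit reseed should be a slow reseed, in line with the original paper) exists only in the commit message. Please add a one-line comment above `random_reseed()` stating that an explicit reseed is deliberately a slow one, so a later reader does not switch it back to `FAST` as an apparent optimisation. Since this is a behaviour change for every existing caller of `random_reseed()`, it would also be cleaner as its own commit rather than a "while I'm here" rider on the hash change.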