diff options
| author | Richard Levitte <levitte@openssl.org> | 2018-05-02 06:24:20 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2018-05-02 10:18:29 +0200 |
| commit | 6ebb49f3f9c9333611192561979bb799fa1eb76d (patch) | |
| tree | d178ba8101e0038d186095959c15149b9b6da977 /crypto/include | |
| parent | 6299c7a4020294582d9424cb8aaf439d2ff0da94 (diff) | |
Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits
rand_pool_bytes_needed() was constructed in such a way that the
smallest acceptable entropy factor was 1 entropy bits per 8 bits of
data. At the same time, we have a DRBG_MINMAX_FACTOR that allows
weaker source, as small as 1 bit of entropy per 128 bits of data.
The conclusion is that rand_pool_bytes_needed() needs to change to
support weaker entropy sources. We therefore change the input of
entropy per byte to be an entropy factor instead. This entropy factor
expresses how many bits of data it takes (on average) to get 1 bit of
entropy.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6150)
Diffstat (limited to 'crypto/include')
| -rw-r--r-- | crypto/include/internal/rand_int.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/include/internal/rand_int.h b/crypto/include/internal/rand_int.h index cf82e4a640..daec926c67 100644 --- a/crypto/include/internal/rand_int.h +++ b/crypto/include/internal/rand_int.h @@ -63,7 +63,8 @@ size_t rand_pool_length(RAND_POOL *pool); size_t rand_pool_entropy_available(RAND_POOL *pool); size_t rand_pool_entropy_needed(RAND_POOL *pool); -size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_per_byte); +/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */ +size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor); size_t rand_pool_bytes_remaining(RAND_POOL *pool); int rand_pool_add(RAND_POOL *pool, |