[PATCH 00/17] Multiple changes to crypto/ansi_cprng.c

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you all for your hospitality to my amateurish efforts.

Given that this all started with me reading the code in an attempt to
understand it, it is likely that some of the "problems" I address are
actually misunderstandings on my part.  If all I get from this patch series
is some enlightenment, that's okay.

It's even more likely that some parts contain the germ of a good idea,
but will need considerable rework to be acceptable.  I look forward
to that too.

Expecting that much more work will be needed, I've run the testmgr.h
test vectors on this code, but haven't desk-checked it as thoroughly as
security-sensitive code should be before final acceptance.  If the ideas
pass muster, I'll double-check the implementatoin details.

Really, I'm just trying to understand the code.  Patches are just
a very specific way of talking about it.

Here's an overview of the series.  It's a lot of code cleanup, and
a bit of semantic change.

[01/17] crypto: ansi_cprng - Rename rand_data_valid more sensibly
	I find it confusing, so I rename it to rand_data_pos
[02/17] crypto: ansi_cprng - Eliminate ctx->last_rand_data
	Shrink the context structure.
[03/17] crypto: ansi_cprng - Eliminate ctx->I
	Shrink it some more.
[04/17] crypto: ansi_cprng - simplify xor_vectors() to xor_block()
	We don't need a size parameter.
[05/17] crypto: ansi_cprng - Add const annotations to hexdump()
	I like const.
[06/17] crypto: ansi_cprng - Eliminate unused PRNG_FIXED_SIZE flag
	It's dead code ACAICT.
[07/17] crypto: ansi_cprng - Shrink rand_read_pos & flags
	A little more context shrinking.
[08/17] crypto: ansi_cprng - Require non-null key & V in reset_prng_context
	Sue to the PRNG_NEED_RESET flag, cprng_init() doesn't need to call
	reset_prng_context) directly.
[09/17] crypto: ansi_cprng - Clean up some variable types
	Try to be more consistent about signed vs. unsigned.
[10/17] crypto: ansi_cprng - simplify get_prng_bytes
	Code shrink & simplification.
[11/17] crypto: ansi_cprng - unroll _get_more_prng_bytes
	Slight object code size savings, and definite readability improvement.
[12/17] crypto: ansi_cprng - Create a "block buffer" data type
	union { u8 bytes[16]; u32 ints[4]; u64 longs[2]; }, sort of.
[13/17] crypto: ansi_cprng - If DT is not provided, use a fresh timestamp
	This is the big semantic change.  I'm rather proud of the use
	of get_random_int() as a timestamp, but feedback is definitely
	solicited!
[14/17] crypto: ansi_cprng - If DT is omitted, don't buffer old output
	Not sure if this is desirable or not.
[15/17] crypto: testmgr - Teach test_cprng to handle non-default seed sizes
	I consider this a latent bug that patch 17 sould expose.
[16/17] crypto: testmgr - Merge seed arrays in struct cprng_testvec
	I think this is a better way of solving the preceding problem,
	but it's more intrusive.  All the consts I add are not a critical
	part of the patch, but an example of what I'd like to do to the
	rest of the code.
[17/17] crypto: ansi_cprng - Shrink default seed size
	This makes (some amount of) true entropy the default.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux