Am Dienstag, 2. Dezember 2014, 03:35:50 schrieb George Spelvin:
Hi George,
>It's simply not necessary.
Can you please be a bit more verbose on why you think this is not
necessary?
Have you tested that change with reference test vectors -- what do
testmgr test vectors say?
>
>Signed-off-by: George Spelvin <linux@xxxxxxxxxxx>
>---
> crypto/ansi_cprng.c | 28 +++++++++++-----------------
> 1 file changed, 11 insertions(+), 17 deletions(-)
>
>diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
>index c9e1684b..c0a27288 100644
>--- a/crypto/ansi_cprng.c
>+++ b/crypto/ansi_cprng.c
>@@ -46,7 +46,6 @@
> struct prng_context {
> spinlock_t prng_lock;
> unsigned char rand_data[DEFAULT_BLK_SZ];
>- unsigned char last_rand_data[DEFAULT_BLK_SZ];
> unsigned char DT[DEFAULT_BLK_SZ];
> unsigned char I[DEFAULT_BLK_SZ];
> unsigned char V[DEFAULT_BLK_SZ];
>@@ -89,8 +88,6 @@ static int _get_more_prng_bytes(struct prng_context
>*ctx, int cont_test) {
> int i;
> unsigned char tmp[DEFAULT_BLK_SZ];
>- unsigned char *output = NULL;
>-
>
> dbgprint(KERN_CRIT "Calling _get_more_prng_bytes for context
%p\n",
> ctx);
>@@ -103,6 +100,7 @@ static int _get_more_prng_bytes(struct prng_context
>*ctx, int cont_test) * This algorithm is a 3 stage state machine
> */
> for (i = 0; i < 3; i++) {
>+ unsigned char *output;
>
> switch (i) {
> case 0:
>@@ -115,23 +113,23 @@ static int _get_more_prng_bytes(struct
>prng_context *ctx, int cont_test) hexdump("tmp stage 0: ", tmp,
>DEFAULT_BLK_SZ);
> break;
> case 1:
>-
> /*
>- * Next xor I with our secret vector V
>- * encrypt that result to obtain our
>- * pseudo random data which we output
>+ * Next xor I with our secret vector V.
>+ * Encrypt that result to obtain our pseudo
random
>+ * data which we output. It is kept temporarily
>+ * in (no longer used) V until we have done the
>+ * anti-repetition compare.
> */
> xor_vectors(ctx->I, ctx->V, tmp,
DEFAULT_BLK_SZ);
> hexdump("tmp stage 1: ", tmp, DEFAULT_BLK_SZ);
>- output = ctx->rand_data;
>+ output = ctx->V;
> break;
> case 2:
> /*
> * First check that we didn't produce the same
>- * random data that we did last time around
through this
>+ * random data that we did last time around.
> */
>- if (!memcmp(ctx->rand_data, ctx->last_rand_data,
>- DEFAULT_BLK_SZ)) {
>+ if (!memcmp(ctx->V, ctx->rand_data,
DEFAULT_BLK_SZ)) {
> if (cont_test) {
> panic("cprng %p Failed
repetition check!\n",
> ctx);
>@@ -144,15 +142,13 @@ static int _get_more_prng_bytes(struct
>prng_context *ctx, int cont_test) ctx->flags |= PRNG_NEED_RESET;
> return -EINVAL;
> }
>- memcpy(ctx->last_rand_data, ctx->rand_data,
>- DEFAULT_BLK_SZ);
>+ memcpy(ctx->rand_data, ctx->V, DEFAULT_BLK_SZ);
>
> /*
> * Lastly xor the random data with I
> * and encrypt that to obtain a new secret
vector V
> */
>- xor_vectors(ctx->rand_data, ctx->I, tmp,
>- DEFAULT_BLK_SZ);
>+ xor_vectors(ctx->I, ctx->V, tmp,
DEFAULT_BLK_SZ);
> output = ctx->V;
> hexdump("tmp stage 2: ", tmp, DEFAULT_BLK_SZ);
> break;
>@@ -161,7 +157,6 @@ static int _get_more_prng_bytes(struct prng_context
>*ctx, int cont_test)
>
> /* do the encryption */
> crypto_cipher_encrypt_one(ctx->tfm, output, tmp);
>-
> }
>
> /*
>@@ -299,7 +294,6 @@ static int reset_prng_context(struct prng_context
>*ctx, memset(ctx->DT, 0, DEFAULT_BLK_SZ);
>
> memset(ctx->rand_data, 0, DEFAULT_BLK_SZ);
>- memset(ctx->last_rand_data, 0, DEFAULT_BLK_SZ);
>
> ctx->rand_read_pos = DEFAULT_BLK_SZ; /* Force immediate
refill */
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
