>From smueller@xxxxxxxxxx Tue Dec 02 08:57:23 2014
X-AuthUser: sm@xxxxxxxx
From: Stephan Mueller <smueller@xxxxxxxxxx>
To: George Spelvin <linux@xxxxxxxxxxx>
Cc: herbert@xxxxxxxxxxxxxxxxxxx, nhorman@xxxxxxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx
Subject: Re: [PATCH 02/17] crypto: ansi_cprng - Eliminate ctx->last_rand_data
Date: Tue, 02 Dec 2014 09:57:17 +0100
User-Agent: KMail/4.14.2 (Linux/3.17.2-200.fc20.x86_64; KDE/4.14.2; x86_64; ; )
In-Reply-To: <20141202083550.17918.qmail@xxxxxxxxxxxxxx>
References: <20141202083550.17918.qmail@xxxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"

On Tuesday, 2 December 2014, 03:35:50, George Spelvin wrote:

Hi George,

>> It's simply not necessary.

> Can you please be a bit more verbose on why you think this is not
> necessary?

Sorry, I thought the code made that obvious.

The two buffers have to exist simultaneously very briefly in order to be
compared, but the old data can be overwritten immediately thereafter.

So what the revised code does is:

I := E(DT)     (The buffer is called "tmp")
V ^= I
V := E(V)      (This can be stored in V without problems)
compare V with read_data
read_data := V
V ^= I
V := E(V)

> Have you tested that change with reference test vectors -- what do
> testmgr test vectors say?

As I explained in part 00, yes. The behaviour is identical.

I should mention, however, that I did not exactly use testmgr; I cut &
pasted the relevant test vectors & code into ansi_cprng.c, then verified
that the tests passed with both old and modified code.

I have so far been unable to figure out how to make the tcrypt module do
anything useful.

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
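The buffer reuse described in the mail, worked through as an added example that is not part of the thread or of the kernel's ansi_cprng driver: the old layout with a separate last_rand_data buffer and the revised in-place sequence (I := E(DT); V ^= I; V := E(V); compare with the previous output; rand_data := V; V ^= I; V := E(V)) are implemented side by side from one seed, so the two output streams can be checked for equality and the continuous test exercised. Everything named here is assumed for illustration: the toy keyed block function E standing in for AES-128 (a bijection with no security whatsoever), the constructed fixed seed in place of the standard test vectors, the field names key, DT, V, rand_data and last_rand_data, and the helpers step_old, step_new, identical_blocks and continuous_test_fires.

```c
#include <stdint.h>
#include <string.h>
#define BLK 16

struct cprng {
	uint8_t key[BLK], DT[BLK], V[BLK];
	uint8_t rand_data[BLK];      /* block handed to the caller */
	uint8_t last_rand_data[BLK]; /* old layout only: previous block for the continuous test */
};

/* Assumption: toy keyed block function standing in for AES-128, a bijection with no
 * security, so the data flow is observable. Inputs are copied first, so in == out is safe. */
static void E(const uint8_t key[BLK], const uint8_t in[BLK], uint8_t out[BLK])
{
	uint64_t x[2], k[2];
	memcpy(x, in, BLK);
	memcpy(k, key, BLK);
	for (int r = 0; r < 8; r++) {
		x[0] = (x[0] ^ k[0] ^ (uint64_t)r) * 0x9E3779B97F4A7C15ULL, x[0] ^= x[0] >> 29;
		x[1] = (x[1] ^ k[1] ^ x[0]) * 0xBF58476D1CE4E5B9ULL, x[1] ^= x[1] >> 31;
	}
	memcpy(out, x, BLK);
}

/* d = a ^ b; d may alias either operand. */
static void xor3(uint8_t *d, const uint8_t *a, const uint8_t *b) { for (int i = 0; i < BLK; i++) d[i] = a[i] ^ b[i]; }

/* DT is the X9.31 date/time counter, stepped after every block (big-endian increment). */
static void inc_blk(uint8_t *dt) { for (int i = BLK - 1; i >= 0 && ++dt[i] == 0; i--) { } }

/* Old layout: I, R and an xor scratch buffer all live at once. */
static int step_old(struct cprng *c)
{
	uint8_t I[BLK], R[BLK], tmp[BLK];
	E(c->key, c->DT, I);                   /* I = E(DT) */
	xor3(tmp, I, c->V);
	E(c->key, tmp, R);                     /* R = E(I ^ V) */
	if (!memcmp(R, c->last_rand_data, BLK))
		return -1;                     /* continuous test: repeated output block */
	memcpy(c->last_rand_data, R, BLK);
	memcpy(c->rand_data, R, BLK);
	xor3(tmp, R, I);
	E(c->key, tmp, c->V);                  /* V = E(R ^ I) */
	inc_blk(c->DT);
	return 0;
}

/* Revised layout from the mail: tmp (= I) is the only extra buffer, V is transformed
 * in place and rand_data doubles as the previous output block. On a failed continuous
 * test V already holds R; acceptable only because a failed test retires the context. */
static int step_new(struct cprng *c)
{
	uint8_t tmp[BLK];
	E(c->key, c->DT, tmp);                 /* I := E(DT) */
	xor3(c->V, c->V, tmp);                 /* V ^= I */
	E(c->key, c->V, c->V);                 /* V := E(V); V now holds R */
	if (!memcmp(c->V, c->rand_data, BLK))
		return -1;                     /* compare V with rand_data */
	memcpy(c->rand_data, c->V, BLK);       /* rand_data := V */
	xor3(c->V, c->V, tmp);                 /* V ^= I */
	E(c->key, c->V, c->V);                 /* V := E(V) */
	inc_blk(c->DT);
	return 0;
}

static void seed(struct cprng *c) /* constructed fixed seed, not a standard test vector */
{
	memset(c, 0, sizeof(*c));
	for (int i = 0; i < BLK; i++)
		c->key[i] = i, c->DT[i] = 0xA0 + i, c->V[i] = 0x55 ^ i;
}

/* Drive both layouts from one seed; returns how many of n output blocks agree, -1 on error. */
static int identical_blocks(int n)
{
	struct cprng o, w;
	int same = 0;
	seed(&o), seed(&w);
	for (int i = 0; i < n; i++) {
		if (step_old(&o) || step_new(&w))
			return -1;
		if (!memcmp(o.rand_data, w.rand_data, BLK))
			same++;
	}
	return same;
}

/* Preload rand_data with the block the next step produces; returns 1 if the test rejects it. */
static int continuous_test_fires(void)
{
	struct cprng a, b;
	seed(&a), seed(&b);
	if (step_new(&a))
		return 0;
	memcpy(b.rand_data, a.rand_data, BLK); /* b's next R is exactly this block */
	return step_new(&b) == -1;
}
```

Both step functions compute R = E(I ^ V) and V' = E(R ^ I), so identical_blocks(n) returns n for any seed; the only behavioural difference is what the state looks like when the continuous test fails, which is why a caller must treat -1 as terminal rather than retry. Confirming the real driver, as the mail says, still means running it against the published X9.31 test vectors rather than a constructed seed like this one.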