On Sun, Apr 19, 2015 at 05:37:21PM +0200, Stephan Mueller wrote:
>
> I am not sure I understand you correctly: shall the DRBG have these
> precautions? If so, wouldn't we break the requirements in SP800-90A where the
> DRBG is intended to seed itself?
>
> Or would you want to update the crypto_alloc_rng routine?

No. Our API doesn't provide the Instantiate_function obviously. If you
really want to have an explicit instantiate function then you can
provide a wrapper:

	crypto_instantiate_drbg(...)
	{
		struct crypto_rng *drbg;

		drbg = crypto_alloc_rng(...);
		crypto_rng_reset(drbg, ...);
		return drbg;
	}

The fact that crypto_alloc_rng currently instantiates the RNG is wrong
because there is no provision for the personalisation string.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html