Am Montag, 20. April 2015, 08:48:55 schrieb Herbert Xu: Hi Herbert, >On Mon, Apr 20, 2015 at 02:45:02AM +0200, Stephan Mueller wrote: >> I do not want to deviate from the kernel crypto API by adding some >> additional wrapper. But what we can do is to leave the DRBG unseeded >> during alloc time. As long as the DRBG is unseeded, it will return EAGAIN >> to any request for random numbers, forcing the caller to use >> crypto_rng_reset to activate the DRBG. >> >> When the DRBG receives a reset, it will always obtain the seed and treat >> any >> user-provided data as personalization string / additional data. > >That's exactly what I was suggesting. I already have two patches >that I will post once I finish testing. Ok, I will wait then for your patches before I send out my patch set for the seeding revamp. > >Cheers, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html