On Monday, 29 May 2017, 11:08:38 CEST, Tudor Ambarus wrote:

Hi Tudor,

>
> >> + unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
> >> +
> >> + get_random_bytes(priv, nbytes);
> >
> > Can you please use crypto_get_default_rng / crypto_rng_get_bytes /
> > crypto_put_default_rng?
>
> Actually I tried this and I encountered some problems, I'm currently
> debugging it.
>
> When using the default rng and the run-time self tests are enabled,
> the kernel is in a blocking state. What's worse is that the kernel
> blocks before the console has the chance to be enabled and I can't see
> anything :).
>
> I suspect that the kernel blocks because the rng does not have enough
> entropy. Could you please give me some hints?

Hm, there should be no blocking for the DRBG to initialize. What happens if
you compile that as a module and insmod it at runtime?

>
> >> +
> >> + if (vli_is_zero(priv, ndigits))
> >> + return -EINVAL;
> >> +
> >> + /* Make sure the private key is in the range [1, n-1]. */
> >> + if (vli_cmp(curve->n, priv, ndigits) != 1)
> >> + return -EINVAL;
> >> +
> >> + ecc_swap_digits(priv, privkey, ndigits);
> >
> > Is a byteswap faster than a copy operation by looping through priv/privkey
> > and simply assigning the value?
>
> Maybe not, but I am consistent with the rest of the code. Can we change
> this in a later patch, if necessary?

Ok, fine with me.

Ciao
Stephan
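Review bot: In the first quoted hunk, `nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT` is passed straight to `get_random_bytes(priv, nbytes)`, and the visible lines show no check that `ndigits` fits the capacity of `priv`. If `priv` is a fixed-size buffer, validate `ndigits` against its size (or against the curve's digit count) before the write, so a caller-supplied value cannot make the fill run past the end of the buffer.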
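Review bot: In the second quoted hunk, both `return -EINVAL;` paths leave with the random candidate still in `priv`, and the success path leaves it there after `ecc_swap_digits(priv, privkey, ndigits)`. `priv` holds the raw private scalar, so if it is a temporary buffer it should be wiped (for example with memzero_explicit) on every return path. It would also help to document in a comment that an out-of-range draw is reported to the caller as -EINVAL rather than retried, since the caller otherwise cannot tell a bad argument from an unlucky random value.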