Re: [PATCH] security/keys: rewrite all of big_key crypto

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Dienstag, 6. Juni 2017, 19:39:00 CEST schrieb Jason A. Donenfeld:

Hi Jason,

> This started out as just replacing the use of crypto/rng with

I have some concerns on this part. The use of crypto/rng is to help all users, 
including those who like FIPS and Co. The crypto/rng code per default uses the 
DRBG which is mandatory for several people.

I wish it would not be needed such that the get_random_bytes provides the 
possibility to use a DRBG ... .

As the DRBG has considerations around early boot entropy, I would think that 
the entropy discussion is not applicable here.

Thanks
Stephan



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]