This is a separate patch so it may be considered separately.
I think it's in the spirit of the original ANSI specs, but opinions
are solicited.

Signed-off-by: George Spelvin <li...@horizon.com>
---
 crypto/ansi_cprng.c | 9 +++++++++
 1 file changed, 9 insertions(+)

I'm really not sure what people will think of this.

diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
index c2c285f3..4ed7c0cf 100644
--- a/crypto/ansi_cprng.c
+++ b/crypto/ansi_cprng.c
@@ -213,6 +213,15 @@ static int get_prng_bytes(unsigned char *buf, unsigned int 
nbytes,
        len = nbytes - pos;
        memcpy(buf + pos, ctx->rand_data.bytes + read_pos, len);
        read_pos += len;
+       /*
+        * If not in deterministic mode, never buffer old entropy;
+        * re-seed on each read request.  This is in the spirit of the
+        * specifications, which are themselves not clear on the subject
+        * of multiple requests for output over a period of time.
+        */
+       if (!(ctx->flags & PRNG_DETERMINISTIC))
+               read_pos = DEFAULT_BLK_SZ;
+
        memzero_explicit(ctx->rand_data.bytes, read_pos);
        ctx->rand_read_pos = read_pos;
        err = nbytes;
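Review bot: the new comment says "re-seed on each read request", but what the added lines do is discard the unread remainder of the current output block: setting `read_pos = DEFAULT_BLK_SZ` makes the following `memzero_explicit(ctx->rand_data.bytes, read_pos)` wipe the whole buffer and forces the next call to generate a fresh block, without touching the key or V. Please reword the comment (e.g. "discard any buffered output and generate a fresh block on the next request") so a reader does not assume new entropy is mixed in. It would also help if the commit message stated the cost this trades for: in non-deterministic mode every request now consumes at least one full block, so a stream of short reads does one block generation per read; that is a reasonable price for never holding unused output across calls, but it should be an explicit, documented choice.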
-- 
2.1.3
