    crypto: drbg - Do not seed RNG in drbg_kcapi_init · 2a57e424
    Herbert Xu authored
    Initialising the RNG in drbg_kcapi_init is a waste of precious
    entropy because all users will immediately seed the RNG after
    the allocation.
    
    In fact, all users should seed the RNG before using it.  So there
    is no point in doing the seeding in drbg_kcapi_init.
    
    This patch removes the initial seeding and the user must seed
    the RNG explicitly (as they all currently do).
    
    This patch also changes drbg_kcapi_reset to allow reseeding.
    That is, if you call it after a successful initial seeding, then
    it will not reset the internal state of the DRBG before mixing
    the new input and entropy.
    
    If you still wish to reset the internal state, you can always
    free the DRBG and allocate a new one.
    
    Finally, this patch removes locking from drbg_uninstantiate because
    it's now only called from the destruction path which must not be
    executed in parallel with normal operations.
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Acked-by: Stephan Mueller <smueller@chronox.de>
drbg.c 53.9 KB
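The lifecycle the commit message describes (allocation spends no entropy, the caller must seed explicitly, and a second reset reseeds into the live state rather than wiping it), shown as an added teaching model of SP 800-90A HMAC_DRBG. This is example code written for this page, not the kernel's drbg.c; the class name, method names and the constructed seed strings are assumptions.

```python
import hashlib
import hmac


class HmacDrbgModel:
    """Hypothetical SP 800-90A HMAC_DRBG (SHA-256) modelling the lifecycle the
    commit describes; it is a teaching model, not the kernel's drbg.c."""

    OUTLEN = 32  # SHA-256 output length in bytes

    def __init__(self):
        # drbg_kcapi_init analogue: allocate only, spend no entropy here
        self.key = None
        self.value = None
        self.reseed_counter = 0

    @staticmethod
    def _hmac(key, data):
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided):
        # HMAC_DRBG_Update (SP 800-90A 10.1.2.2)
        self.key = self._hmac(self.key, self.value + b"\x00" + provided)
        self.value = self._hmac(self.key, self.value)
        if provided:
            self.key = self._hmac(self.key, self.value + b"\x01" + provided)
            self.value = self._hmac(self.key, self.value)

    def reset(self, seed_material):
        """drbg_kcapi_reset analogue: the first call instantiates, later calls
        reseed by mixing into the live K/V instead of zeroing them."""
        if self.key is None:
            self.key = b"\x00" * self.OUTLEN    # fresh instantiate
            self.value = b"\x01" * self.OUTLEN
        self._update(seed_material)
        self.reseed_counter = 1

    def generate(self, nbytes):
        """Caller must have seeded via reset(); unseeded use is an error."""
        if self.key is None:
            raise RuntimeError("DRBG not seeded: call reset() first")
        out = b""
        while len(out) < nbytes:
            self.value = self._hmac(self.key, self.value)
            out += self.value
        self._update(b"")
        self.reseed_counter += 1
        return out[:nbytes]
```

Two fresh instances reset with the same material produce identical output, while an instance that has already been seeded and then reset with that material diverges, because its prior state is mixed in rather than discarded.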