git.openssl.org Git - openssl.git/commit

author	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
	Sun, 20 Aug 2017 21:02:46 +0000 (23:02 +0200)
committer	Rich Salz <rsalz@openssl.org>
	Mon, 28 Aug 2017 12:52:02 +0000 (08:52 -0400)
commit	aa048aef0b9146f90c06333dedfc105d1f9e2c22
tree	0b29eacc4bcc5d8ec088bab35ae7fa36551923a8	tree \| snapshot
parent	b2db9c18b23f59c3a08ef10f0ee85f24d43da2a4	commit \| diff

DRBG: clarify difference between entropy counts and buffer lengths

Unlike the NIST DRBG standard, entropy counts are in bits and
buffer lengths are in bytes. This has lead to some confusion and
errors in the past, see my comment on PR 3789.

To clarify the destinction between entropy counts and buffer lengths,
a 'len' suffix has been added to all member names of RAND_DRBG which
represent buffer lengths:

-   {min,max}_{entropy,adin,nonce,pers}
+   {min,max}_{entropy,adin,nonce,pers}len

This change makes naming also more consistent, as can be seen in the
diffs, for example:

-    else if (adinlen > drbg->max_adin) {
+    else if (adinlen > drbg->max_adinlen) {

Also replaced all 'ent's by 'entropy's, following a suggestion of Paul Dale.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)

crypto/rand/drbg_lib.c		diff \| blob \| history
crypto/rand/drbg_rand.c		diff \| blob \| history
crypto/rand/rand_lcl.h		diff \| blob \| history
test/drbgtest.c		diff \| blob \| history