git.openssl.org Git - openssl.git/commit

Add master DRBG for reseeding

A third shared DRBG is added, the so called master DRBG. Its sole purpose
is to reseed the two other shared DRBGs, the public and the private DRBG.
The randomness for the master DRBG is either pulled from the os entropy
sources, or added by the application using the RAND_add() call.

The master DRBG reseeds itself automatically after a given number of generate
requests, but can also be reseeded using RAND_seed() or RAND_add().
A reseeding of the master DRBG is automatically propagated to the public
and private DRBG. This construction fixes the problem, that up to now
the randomness provided by RAND_add() was added only to the public and
not to the private DRBG.

Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4402)

author	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
	Fri, 24 Nov 2017 13:59:58 +0000 (14:59 +0100)
committer	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
	Sun, 17 Dec 2017 22:12:10 +0000 (23:12 +0100)
commit	a93ba405b0327db9106f8f224112a2b64fb264e7
tree	d7185e4703fa29127c97315150cc0e3b18a5c8f3	tree \| snapshot
parent	56d362881eb9173d74f89aa8c4c4b42bc3397a17	commit \| diff

crypto/rand/drbg_lib.c		diff \| blob \| history
crypto/rand/drbg_rand.c		diff \| blob \| history
crypto/rand/rand_lcl.h		diff \| blob \| history
crypto/rand/rand_lib.c		diff \| blob \| history
include/internal/rand.h		diff \| blob \| history
ssl/ssl_lib.c		diff \| blob \| history
test/drbgtest.c		diff \| blob \| history
util/libcrypto.num		diff \| blob \| history