diff options
author | lloyd <[email protected]> | 2015-03-23 02:15:45 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2015-03-23 02:15:45 +0000 |
commit | 2d5669770a5723d258703384f905e1d13d6b8696 (patch) | |
tree | ec97fee38f319929833486caa168dc8dfffd6ca3 /src/build-data | |
parent | e9283c9817949aa27ae97f0c9ec06745fb62240d (diff) |
Avoid putting very small values in mlock memory
Diffstat (limited to 'src/build-data')
-rw-r--r-- | src/build-data/buildh.in | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in index f8009cf0b..36b5f3959 100644 --- a/src/build-data/buildh.in +++ b/src/build-data/buildh.in @@ -35,7 +35,11 @@ /* How much to allocate for a buffer of no particular size */ #define BOTAN_DEFAULT_BUFFER_SIZE 1024 -/* Maximum size to allocate out of the mlock pool */ +/* Minimum and maximum sizes to allocate out of the mlock pool (bytes) + Default min is 16 as smaller values are easily bruteforceable and thus + likely not cryptographic keys. +*/ +#define BOTAN_MLOCK_ALLOCATOR_MIN_ALLOCATION 16 #define BOTAN_MLOCK_ALLOCATOR_MAX_ALLOCATION 128 /* Multiplier on a block cipher's native parallelism */ @@ -67,7 +71,7 @@ */ #define BOTAN_RNG_MAX_OUTPUT_BEFORE_RESEED 512 #define BOTAN_RNG_RESEED_POLL_BITS 128 -#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(20) +#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(10) #define BOTAN_RNG_RESEED_DEFAULT_TIMEOUT std::chrono::milliseconds(100) /* Should we use GCC-style inline assembler? */ |