authorJack Lloyd <[email protected]>2015-12-19 18:55:35 -0500
committerJack Lloyd <[email protected]>2015-12-19 18:55:35 -0500
commit93737a7fe053b154ec56197d85c1b3f009826539 (patch)
tree02af9208ed3bf8da2d9b0c70e1543b8a169747db /src/lib/entropy/rdrand/rdrand.cpp
parentcd4b4c04aa045c7bd660360f426c3964c6755306 (diff)
Move estimate of RDRAND/RDSEED entropy to build.h
GH #370 for background
Diffstat (limited to 'src/lib/entropy/rdrand/rdrand.cpp')
-rw-r--r--src/lib/entropy/rdrand/rdrand.cpp12
1 files changed, 1 insertions, 11 deletions
diff --git a/src/lib/entropy/rdrand/rdrand.cpp b/src/lib/entropy/rdrand/rdrand.cpp
index 178c52798..24fe98cf8 100644
--- a/src/lib/entropy/rdrand/rdrand.cpp
+++ b/src/lib/entropy/rdrand/rdrand.cpp
@@ -22,16 +22,6 @@ void Intel_Rdrand::poll(Entropy_Accumulator& accum)
if(!CPUID::has_rdrand())
return;
- /*
- Don't consider rdrand as contributing any entropy to the poll. It doesn't
- make sense to trust uninspectible hardware.
-
- Even if backdoored, rdrand cannot harm us because the HMAC_RNG poll process
- is designed to handle arbitrarily large amounts of attacker known/chosen
- input (or even a reseed where every bit we reseeded with was attacker chosen),
- as long as at least one seed occurred with enough unknown-to-attacker entropy.
- */
- const double ENTROPY_ESTIMATE = 0.0;
const size_t RDRAND_POLLS = 32;
for(size_t i = 0; i != RDRAND_POLLS; ++i)
@@ -49,7 +39,7 @@ void Intel_Rdrand::poll(Entropy_Accumulator& accum)
#endif
if(cf == 1)
- accum.add(r, ENTROPY_ESTIMATE);
+ accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
}
}
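Review bot: The call `accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);` now credits RDRAND output with a build-time value, and the first hunk deletes the comment that explained why this source was credited 0.0, with no replacement at the call site. The macro's definition is not visible in this diff (the commit message places it in build.h), so a reader of poll() can no longer tell whether uninspectable hardware output still counts as zero entropy or how much the seeding decision leans on it. I would keep a short comment above the call, for example `// Entropy credited per RDRAND word is BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG (build.h); a nonzero value means trusting the CPU's RNG`. The deleted rationale about the poll tolerating attacker-known input is worth carrying over next to the macro definition if it is not already there. The loop body of poll() starts outside this hunk.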