authorJack Lloyd <[email protected]>2015-12-19 18:55:35 -0500
committerJack Lloyd <[email protected]>2015-12-19 18:55:35 -0500
commit93737a7fe053b154ec56197d85c1b3f009826539 (patch)
tree02af9208ed3bf8da2d9b0c70e1543b8a169747db /src/lib/entropy/rdseed
parentcd4b4c04aa045c7bd660360f426c3964c6755306 (diff)
Move estimate of RDRAND/RDSEED entropy to build.h
GH #370 for background
Diffstat (limited to 'src/lib/entropy/rdseed')
-rw-r--r--src/lib/entropy/rdseed/rdseed.cpp12
1 files changed, 1 insertions, 11 deletions
diff --git a/src/lib/entropy/rdseed/rdseed.cpp b/src/lib/entropy/rdseed/rdseed.cpp
index 8bdd79a1d..91306769d 100644
--- a/src/lib/entropy/rdseed/rdseed.cpp
+++ b/src/lib/entropy/rdseed/rdseed.cpp
@@ -22,16 +22,6 @@ void Intel_Rdseed::poll(Entropy_Accumulator& accum)
if(!CPUID::has_rdseed())
return;
- /*
- Don't consider rdseed as contributing any entropy to the poll. It doesn't
- make sense to trust uninspectible hardware.
-
- Even if backdoored, rdseed cannot harm us because the HMAC_RNG poll process
- is designed to handle arbitrarily large amounts of attacker known/chosen
- input (or even a reseed where every bit we reseeded with was attacker chosen),
- as long as at least one seed occurred with enough unknown-to-attacker entropy.
- */
- const double ENTROPY_ESTIMATE = 0.0;
const size_t RDSEED_POLLS = 32;
for(size_t i = 0; i != RDSEED_POLLS; ++i)
@@ -49,7 +39,7 @@ void Intel_Rdseed::poll(Entropy_Accumulator& accum)
#endif
if(cf == 1)
- accum.add(r, ENTROPY_ESTIMATE);
+ accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
}
}
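Review bot: The new `accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG)` call credits RDSEED output with whatever value the build header carries, while the first hunk deletes the only statement in this file of why uninspectable hardware was credited with zero entropy. If that macro is ever set above zero, a poll that gathered nothing but RDSEED words would presumably count toward the accumulator's seeding goal, so the trust assumption should stay visible at the call site, for example `// Credit is set in build.h; keep it at 0.0 unless the hardware RNG is trusted (see GH #370)`. The diffstat is limited to this directory, so the page cannot confirm whether the deleted rationale was carried over to the macro's definition in build.h. The body of `Intel_Rdseed::poll` starts before this hunk, and the handling of the `cf != 1` case is not visible here.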