| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
close the fds in the entropy source destructor.
|
| |
|
|
|
|
| |
It turned out many files were including base.h merely to get other
includes (like types.h, secmem.h, and exceptn.h). Those have been changed
to directly include the files containing the declarations that code needs.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is requested, Randpool will first do a fast poll on each entropy
source that has been registered. It will count these poll results
towards the collected entropy count, with a maximum of 96
contributed bits of entropy per poll (only /dev/random reaches
this, others measure at 50-60 bits typically), and a maximum of
256 for sum contribution of the fast polls.
Then it will attempt slow polls of all devices until it thinks enough
entropy has been collected (using the rather naive entropy_estimate
function). It will count any slow poll for no more than 256 bits (100 or
so is typical for every poll but /dev/random), and will attempt to collect
at least 512 bits of (estimated/guessed) entropy.
This tends to cause Randpool to use significantly more
sources. Previously it was common, especially on systems with a
/dev/random, for only one or a few sources to be used. This
change helps assure that even if /dev/random and company are
broken or compromised the RNG output remains secure (assuming at
least some amount of entropy unguessable by the attacker can be
collected via other sources).
Also change AutoSeeded_RNG do an automatic poll/seed when it is
created.
|
| |
|
|
|
|
| |
implementations
to decouple from knowing about RandomNumberGenerator).
|
| | |
|
| |
|
|
|
|
| |
fd327b29aa542e0ad5ff6d37d8392321670f0369)
to branch 'net.randombit.botan.modularized' (head 3f8d05493d4b192243fdc8a7f518ed1013c3be54)
|
| |
|
|
|
| |
them modules now. In any case there is no distinction so info.txt seems
better.
|
| | |
|
| | |
|
| |
|
