Add DRBG random method #3789
3 times, most recently
Jun 30, 2017
@kroeckx, think of it like the PACKET or WPACKET functions in the SSL library. These are purely internal functions that will (soon) be called by the existing RAND API. Users should not call them. Documentation, since all we have is public manpages, is not appropriate.
I can add more comments to internal/rand.h in a later PR if you want.
Yes, there are several new internal functions; many are for the KAT tests, some are for the "deployment model" of the NIST document (instantiate, uninstantiate), and some will be used in the crypto and ssl library.
@kroeckx The code in this PR is more or less the original code from the FIPS object module. And indeed the FIPS module contained a real bug mixing bits and bytes, in the implementation of fips_get_entropy(). (This was reported by Lee D Gibbons on rt; see my first review of crypto/rand/drbg_lib.c in this PR for details.) But this is the only bits vs. bytes bug I know of.