-rw-r--r--crypto/drbg.c12
-rw-r--r--include/crypto/drbg.h1
2 files changed, 12 insertions, 1 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c
index c6cbf1336d73..5fad297424fc 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1088,6 +1088,9 @@ static void drbg_async_seed(struct work_struct *work)
__drbg_seed(drbg, &seedlist, true);
+ if (drbg->seeded)
+ drbg->reseed_threshold = drbg_max_requests(drbg);
+
mutex_unlock(&drbg->drbg_mutex);
memzero_explicit(entropy, entropylen);
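Review bot: The `if (drbg->seeded)` test in drbg_async_seed() only shows that this particular reseed worked if `seeded` was cleared before `__drbg_seed()` was called, and that happens outside the hunk, if at all. If the flag can still be true from the initial seeding, a failed reseed here would raise the threshold to `drbg_max_requests(drbg)` while the state still derives from the early, possibly weak seed. I would either gate the assignment on the result of the `__drbg_seed()` call itself, or state the dependency in a comment such as `/* seeded was cleared above, so true here means this reseed succeeded */`. The function body starts and ends outside the hunk.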
@@ -1334,7 +1337,7 @@ static int drbg_generate(struct drbg_state *drbg,
* 9.3.1 step 6 and 9 supplemented by 9.3.2 step c is implemented
* here. The spec is a bit convoluted here, we make it simpler.
*/
- if ((drbg_max_requests(drbg)) < drbg->reseed_ctr)
+ if (drbg->reseed_threshold < drbg->reseed_ctr)
drbg->seeded = false;
if (drbg->pr || !drbg->seeded) {
@@ -1478,6 +1481,12 @@ static int drbg_prepare_hrng(struct drbg_state *drbg)
drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0);
+ /*
+ * Require frequent reseeds until the seed source is fully
+ * initialized.
+ */
+ drbg->reseed_threshold = 50;
+
return err;
}
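Review bot: The literal `50` assigned in drbg_prepare_hrng() is a policy value that bounds how many requests are served from a seed taken before the entropy source is fully initialized, and it deserves a named constant, for example `#define DRBG_EARLY_RESEED_THRESHOLD 50` (name constructed for this note). The comment above it should also say what lifts the limit again, e.g. `/* raised to drbg_max_requests() by drbg_async_seed() after a successful reseed */`. Whether this store is serialized against drbg_async_seed() is not visible in the hunk. If the work item could finish first, the threshold would stay at 50 for the life of the instance, which fails safe but is worth confirming.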
@@ -1522,6 +1531,7 @@ static int drbg_instantiate(struct drbg_state *drbg, struct drbg_string *pers,
drbg->core = &drbg_cores[coreref];
drbg->pr = pr;
drbg->seeded = false;
+ drbg->reseed_threshold = drbg_max_requests(drbg);
ret = drbg_alloc_state(drbg);
if (ret)
diff --git a/include/crypto/drbg.h b/include/crypto/drbg.h
index fad6450b99f9..9756c70899d8 100644
--- a/include/crypto/drbg.h
+++ b/include/crypto/drbg.h
@@ -111,6 +111,7 @@ struct drbg_state {
unsigned char *C;
/* Number of RNG requests since last reseed -- 10.1.1.1 1c) */
size_t reseed_ctr;
+ size_t reseed_threshold;
/* some memory the DRBG can use for its operation */
unsigned char *scratchpad;
void *priv_data; /* Cipher handle */
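Review bot: The new `reseed_threshold` member in struct drbg_state has no comment, while the fields around it do, and it sits directly under the comment that describes `reseed_ctr`. A one-line description matching the check in drbg_generate() would make the pairing clear, e.g. `/* Force a reseed once reseed_ctr exceeds this value */`. It would also help to note that the value is lower than `drbg_max_requests()` until the seed source is fully initialized.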