Rng improvements #161
Merged
Rng improvements #161
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This applies a8c7bbd (May 2020) to the mirage rng feeding. The reasoning behind this change is twofold: - consistency of the semantics across implementations (lwt, mirage, async); - make it hard to produce bad random. Now, the expectation is that a single RNG is used in an application, and this is fed fresh entropy on a periodic basis. Since the API allows to mutate the default generator (Mirage_crypto_rng.set_default_generator), which is used by default by all applications, it is crucial that this one receives fresh entropy. The "initialize" function does the following: fail if the default rng is already set; collect some bootstrap entropy; set the default rng; start tasks that periodically (every m nanoseconds) collect entropy and feed it to the generator; register a hook to the scheduler to collect a bit more entropy on every scheduling decision.
hannesm
added a commit
to hannesm/opam-repository
that referenced
this pull request
Sep 13, 2022
…age, mirage-crypto-rng-eio, mirage-crypto-rng-async, mirage-crypto-pk and mirage-crypto-ec (0.10.7) CHANGES: - mirage-crypto-rng-eio: new package for seeding and feeding entropy to the rng with eio (mirage/mirage-crypto#155 @bikallem, @talex5, @hannesm) - mirage-crypto-ec: expose Dsa.byte_length (mirage/mirage-crypto#164 @hannesm) - CI: various fixes (mirage/mirage-crypto#154 mirage/mirage-crypto#164 @hannesm) - mirage-crypto-rng-mirage: use 'a generator type alias - mirage-crypto-rng: improve setup_rng message (add async, revise lwt) (mirage/mirage-crypto#161 @hannesm) - mirage-crypto-rng-mirage: always feed the default generator (as done in a8c7bbd2552a9d2177450e95f280342f80fba01d for the lwt feeding) (mirage/mirage-crypto#161 @hannesm) - ec: update generated code to recent fiat-crypto (mirage/mirage-crypto#156 @hannesm)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Streamline the semantics of the initialize and entropy feeding.