[rng] Add ANS X9.82 Approved Source of Entropy Input

ANS X9.82 specifies several Approved Sources of Entropy Input (SEI). One such SEI uses an entropy source as the Source of Entropy Input, condensing each entropy source output after each GetEntropy call. This can be implemented relatively cheaply in iPXE and avoids the need to allocate potentially very large buffers. (Note that the terms "entropy source" and "Source of Entropy Input" are not synonyms within the context of ANS X9.82.) Use the iPXE API mechanism to allow entropy sources to be selected at compilation time. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2012-02-19 22:14:06 +0000
committer: Michael Brown <mcb30@ipxe.org> 2012-02-21 12:42:38 +0000
commit: 073f41085f0791593d96233ef617fcefe3cdacb9 (patch)
tree: ba9794f51055b9d1b82f34d1fa204cc9af2b1957 /src/include/ipxe/hmac_drbg.h
parent: c2668b61ea5ac01279929be6be86cc04fd342ab5 (diff)
download: ipxe-073f41085f0791593d96233ef617fcefe3cdacb9.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/include/ipxe/hmac_drbg.h b/src/include/ipxe/hmac_drbg.h
index c751cbcb6..b3dfe3682 100644
--- a/src/include/ipxe/hmac_drbg.h
+++ b/src/include/ipxe/hmac_drbg.h
@@ -59,9 +59,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
  * according to ANS X9.82 Part 3-2007 Section 10.2.1 Table 2 (NIST SP
  * 800-90 Section 10.1 Table 2).
  *
- * We choose to allow up to 2^32-1 bytes (i.e. 2^35-8 bits).
+ * We choose to allow up to 32 bytes.
  */
-#define HMAC_DRBG_MAX_ENTROPY_LEN_BYTES 0xffffffffUL
+#define HMAC_DRBG_MAX_ENTROPY_LEN_BYTES 32
 
 /** Maximum personalisation string length
  *
author	Michael Brown <mcb30@ipxe.org>	2012-02-19 22:14:06 +0000
committer	Michael Brown <mcb30@ipxe.org>	2012-02-21 12:42:38 +0000
commit	073f41085f0791593d96233ef617fcefe3cdacb9 (patch)
tree	ba9794f51055b9d1b82f34d1fa204cc9af2b1957 /src/include/ipxe/hmac_drbg.h
parent	c2668b61ea5ac01279929be6be86cc04fd342ab5 (diff)
download	ipxe-073f41085f0791593d96233ef617fcefe3cdacb9.tar.gz