Skip to content

Comments

Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits#6150

Closed
levitte wants to merge 2 commits intoopenssl:masterfrom
levitte:allow-less-than-1-entropy-bits-per-8-data-bit
Closed

Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits#6150
levitte wants to merge 2 commits intoopenssl:masterfrom
levitte:allow-less-than-1-entropy-bits-per-8-data-bit

Conversation

@levitte
Copy link
Member

@levitte levitte commented May 2, 2018

rand_pool_bytes_needed() was constructed in such a way that the
smallest acceptable entropy factor was 1 entropy bits per 8 bits of
data. At the same time, we have a DRBG_MINMAX_FACTOR that allows
weaker source, as small as 1 bit of entropy per 128 bits of data.
The conclusion is that rand_pool_bytes_needed() needs to change to
support weaker entropy sources. We therefore change the input of
entropy per byte to be an entropy factor instead. This entropy factor
expresses how many bits of data it takes (on average) to get 1 bit of
entropy.

@levitte levitte requested a review from mspncp May 2, 2018 04:32
@levitte levitte force-pushed the allow-less-than-1-entropy-bits-per-8-data-bit branch from 2df3d78 to a5ef709 Compare May 2, 2018 04:34
@levitte levitte mentioned this pull request May 2, 2018
Closed
@levitte levitte added branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL) labels May 2, 2018
mspncp
mspncp approved these changes May 2, 2018
View reviewed changes
Copy link
Contributor

@mspncp mspncp left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Just to two nits, but approval holds regardless whether you fix the nits or not.

P.S: Seems like it was a good idea not to make the rand_pool api public yet.

crypto/rand/rand_lib.c Outdated
Copy link
Contributor

@mspncp mspncp May 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: 'entropy_factor' -> |entropy_factor|

crypto/include/internal/rand_int.h Outdated
Copy link
Contributor

@mspncp mspncp May 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: IIRC, I used vertical bars instead of single quotes around parameter names throughout the documenting comments: 'entropy_factor' -> |entropy_factor|

Copy link
Member Author

@levitte levitte May 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, as you noticed yourself, you weren't entirely consistent, the comment above this specific function had ' ;-) . But I'll change that in both places

@mspncp mspncp added the approval: done This pull request has the required number of approvals label May 2, 2018
levitte added 2 commits May 2, 2018 10:15
@levitte
Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits
7976c06 
rand_pool_bytes_needed() was constructed in such a way that the
smallest acceptable entropy factor was 1 entropy bits per 8 bits of
data.  At the same time, we have a DRBG_MINMAX_FACTOR that allows
weaker source, as small as 1 bit of entropy per 128 bits of data.
The conclusion is that rand_pool_bytes_needed() needs to change to
support weaker entropy sources.  We therefore change the input of
entropy per byte to be an entropy factor instead.  This entropy factor
expresses how many bits of data it takes (on average) to get 1 bit of
entropy.
@levitte
fixup! Change rand_pool_bytes_needed to handle less entropy than 1 pe…
4328d20 
…r 8 bits
@levitte levitte force-pushed the allow-less-than-1-entropy-bits-per-8-data-bit branch from a5ef709 to 4328d20 Compare May 2, 2018 08:17
levitte added a commit that referenced this pull request May 2, 2018
@levitte
Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits
6ebb49f 
rand_pool_bytes_needed() was constructed in such a way that the
smallest acceptable entropy factor was 1 entropy bits per 8 bits of
data.  At the same time, we have a DRBG_MINMAX_FACTOR that allows
weaker source, as small as 1 bit of entropy per 128 bits of data.
The conclusion is that rand_pool_bytes_needed() needs to change to
support weaker entropy sources.  We therefore change the input of
entropy per byte to be an entropy factor instead.  This entropy factor
expresses how many bits of data it takes (on average) to get 1 bit of
entropy.

Reviewed-by: Matthias St. Pierre <[email protected]>
(Merged from #6150)
@levitte
Copy link
Member Author

levitte commented May 2, 2018

Merged into master / 1.1.1.

6ebb49f Change rand_pool_bytes_needed to handle less entropy than 1 per 8 bits

@levitte levitte closed this May 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mspncp mspncp mspncp approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

approval: done This pull request has the required number of approvals branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@levitte @mspncp