author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-09-15 22:00:25 +0000 |
---|---|---|
committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-09-15 22:00:25 +0000 |
commit | f18168be63c3a2e9060344cb4c62c994adc5ba08 (patch) | |
tree | a6de9393c93538cf70c7a7e07e73a3c949eb29d7 /sys/dev/rnd.c | |
parent | 599a1cc28120816444026ffc15ffd1af8d7173a3 (diff) |
update comments to reflect chacha20. from Max Fillinger
Diffstat (limited to 'sys/dev/rnd.c')
-rw-r--r-- | sys/dev/rnd.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c
index 9770108eaf6..233ae91d346 100644
--- a/sys/dev/rnd.c
+++ b/sys/dev/rnd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rnd.c,v 1.159 2014/07/17 13:38:22 tedu Exp $	*/
+/*	$OpenBSD: rnd.c,v 1.160 2014/09/15 22:00:24 tedu Exp $	*/
 
 /*
  * Copyright (c) 2011 Theo de Raadt.
@@ -76,17 +76,18 @@
  * If this estimate goes to zero, the MD5 hash will continue to generate
  * output since there is no true risk because the MD5 output is not
  * exported outside this subsystem. It is next used as input to seed a
- * RC4 stream cipher. Attempts are made to follow best practice
- * regarding this stream cipher - the first chunk of output is discarded
- * and the cipher is re-seeded from time to time. This design provides
- * very high amounts of output data from a potentially small entropy
- * base, at high enough speeds to encourage use of random numbers in
- * nearly any situation.
+ * ChaCha20 stream cipher, which is re-seeded from time to time. This
+ * design provides very high amounts of output data from a potentially
+ * small entropy base, at high enough speeds to encourage use of random
+ * numbers in nearly any situation. Before OpenBSD 5.5, the RC4 stream
+ * cipher (also known as ARC4) was used instead of ChaCha20.
  *
- * The output of this single RC4 engine is then shared amongst many
+ * The output of this single ChaCha20 engine is then shared amongst many
  * consumers in the kernel and userland via a few interfaces:
  * arc4random_buf(), arc4random(), arc4random_uniform(), randomread()
- * for the set of /dev/random nodes, and the sysctl kern.arandom.
+ * for the set of /dev/random nodes, the sysctl kern.arandom, and the
+ * system call getentropy(), which provides seeds for process-context
+ * pseudorandom generators.
  *
  * Acknowledgements:
  * =================
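Review bot: The rewritten paragraph in the @@ -76 hunk says the ChaCha20 generator "is re-seeded from time to time" but, unlike the RC4 text it replaces, no longer tells the reader what triggers a reseed, and it silently drops the "first chunk of output is discarded" step without saying why. Since this header comment is the only design description on the page, I would keep one sentence on each point, e.g. ` * ChaCha20 stream cipher, which is re-seeded from time to time (see the reseed check in the _rs_* helpers below). Discarding the initial keystream was a precaution specific to RC4's biased early output and is not needed for ChaCha20.` The exact function that makes the reseed decision is not visible in this hunk, so the pointer should name whichever helper actually holds that check. The comment block continues past the end of the hunk.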
@@ -666,7 +667,7 @@ _rs_random_u32(u_int32_t *val)
 	return;
 }
 
-/* Return one word of randomness from an RC4 generator */
+/* Return one word of randomness from a ChaCha20 generator */
 u_int32_t
 arc4random(void)
 {
@@ -680,7 +681,7 @@ arc4random(void)
 }
 
 /*
- * Fill a buffer of arbitrary length with RC4-derived randomness.
+ * Fill a buffer of arbitrary length with ChaCha20-derived randomness.
  */
 void
 arc4random_buf(void *buf, size_t n)