openbsd/src/lib/libcrypto/arc4random, branch libressl-v3.3.1

openbsd/src/lib/libcrypto/arc4random, branch libressl-v3.3.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.3.1 2020-11-11T10:41:24+00:00 Update getentropy on Windows to use Cryptography Next Generation (CNG). 2020-11-11T10:41:24+00:00 bcook 2020-11-11T10:41:24+00:00 urn:sha1:04553cc77265e9bcf5dc68d4dd6c2881fcb76177 wincrypt is deprecated and no longer works with newer Windows environments, such as in Windows Store apps. make fixed-sized fixed-value mib[] arrays be const 2020-10-12T22:08:33+00:00 deraadt 2020-10-12T22:08:33+00:00 urn:sha1:b7e57c0d7a138aac2289904709330d2b2ee7257c ok guenther tb millert As done everywhere else, use a local version of MINIMUM() and avoid 2020-05-17T14:44:20+00:00 deraadt 2020-05-17T14:44:20+00:00 urn:sha1:032a35a73bdeb0ea0007bfc5219e6c96db991681 conflict against a potential define min() from some other scope. Using pthread_atfork instead of __register_atfork with uClibc on noMMU 2019-07-11T10:37:28+00:00 inoguchi 2019-07-11T10:37:28+00:00 urn:sha1:c513fcc21523226bcda18cc239488f0508ef6e37 uClibc on noMMU doesn't provide __register_atfork(). Reported by redbirdtek on Github issue. https://github.com/libressl-portable/portable/issues/538 ok bcook@ Saw a mention somewhere a while back that the gotdata() function in 2018-11-20T08:04:28+00:00 deraadt 2018-11-20T08:04:28+00:00 urn:sha1:1c9e20cbc776ff1a1ba01d20a3d7ae740718e16e here could creates non-uniformity since very short fetches of 0 would be excluded. blocks of 0 are just as random as any other data, including blocks of 4 4 4.. This is a misguided attempt to identify errors from the entropy churn/gather code doesn't make sense, errors don't happen. ok bcook ensure SYS_getrandom and GRND_NONBLOCK are both defined before using getrandom(2) 2018-03-13T22:53:28+00:00 bcook 2018-03-13T22:53:28+00:00 urn:sha1:302371947c6242ab9f7f993a57b4b413756adb5c Based on discussion here https://github.com/libressl-portable/openbsd/pull/82 Suggested fix from jsing@ Switch Linux getrandom() usage to non-blocking mode, continuing to 2017-04-29T18:43:31+00:00 beck 2017-04-29T18:43:31+00:00 urn:sha1:06e58ee3d445df182278c56c23d0bf1aec820070 use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@ add iOS support for getentropy 2016-09-03T15:24:09+00:00 bcook 2016-09-03T15:24:09+00:00 urn:sha1:fc45c32b727123a9db48fbc11ff7d90f36199048 from Jacob Berkman, ok beck@ Update the link for the getentropy(2) manual to man.openbsd.org/ 2016-08-07T03:27:21+00:00 tb 2016-08-07T03:27:21+00:00 urn:sha1:45a99457661a695d9e6070e26d9383b3a955a536 ok deraadt@ Tighten behavior of _rs_allocate failure for portable arc4random implementations. 2016-06-30T12:19:51+00:00 bcook 2016-06-30T12:19:51+00:00 urn:sha1:feaba99148498e3901e21567eef6244222c71431 In the event of a failure in _rs_allocate for rsx, we still have a reference to freed memory for rs on return. Not a huge deal since we subsequently abort in _rs_init, but it looks strange on its own. ok deraadt@