Module Name: src Committed By: riastradh Date: Fri May 13 09:39:52 UTC 2022
Modified Files: src/sys/kern: kern_entropy.c Log Message: entropy(9): Note rules about how to use entropy_extract output. To generate a diff of this commit: cvs rdiff -u -r1.54 -r1.55 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.54 src/sys/kern/kern_entropy.c:1.55 --- src/sys/kern/kern_entropy.c:1.54 Thu Mar 24 12:58:56 2022 +++ src/sys/kern/kern_entropy.c Fri May 13 09:39:52 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.54 2022/03/24 12:58:56 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.55 2022/05/13 09:39:52 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -75,7 +75,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.54 2022/03/24 12:58:56 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.55 2022/05/13 09:39:52 riastradh Exp $"); #include <sys/param.h> #include <sys/types.h> @@ -1341,6 +1341,16 @@ sysctl_entropy_gather(SYSCTLFN_ARGS) * * Extract len bytes from the global entropy pool into buf. * + * Caller MUST NOT expose these bytes directly -- must use them + * ONLY to seed a cryptographic pseudorandom number generator + * (`CPRNG'), a.k.a. deterministic random bit generator (`DRBG'), + * and then erase them. entropy_extract does not, on its own, + * provide backtracking resistance -- it must be combined with a + * PRNG/DRBG that does. + * + * You generally shouldn't use this directly -- use cprng(9) + * instead. + * * Flags may have: * * ENTROPY_WAIT Wait for entropy if not available yet.