Opened 21 months ago

Last modified 19 months ago

#13869 new enhancement

[RFC] Additions to libbsd

Reported by: leorize Owned by: nobody
Priority: normal Milestone: Unscheduled
Component: System Version: R1/Development
Keywords: Cc: PulkoMandy, axeld
Blocked By: Blocking:
Has a Patch: no Platform: All

Description

Functions added:

These should ease porting crypto-related programs from BSDs

Attachments (5)

Change History (11)

Changed 21 months ago by leorize

comment:1 Changed 21 months ago by leorize

Has a Patch: set

Changed 21 months ago by leorize

Changed 21 months ago by leorize

Changed 21 months ago by leorize

comment:2 Changed 20 months ago by waddlesplash

Cc: PulkoMandy axeld added

Patches 1-3 look very good to me and I think they can be applied right away, unless someone has objections.

Patch 4 is the one that merits some discussion. "Technically" the HP-UX implementation of getentropy is from OpenBSD (although I see you've modified it some), although we really should add kernel support for it. But since OpenBSD actually distributes that code ... I say it's "OK for now" (and probably better than what we have now anyway.)

Patch 5 is also fine (but depends on patch 4.)

comment:3 Changed 20 months ago by pulkomandy

Ok for 1, 2 and 3.

For 4 I'd rather get a real getentropy, or none at all. We shouldn't pretend that we have one and fail to deliver.

For 5, likewise, I'd rather get a solid implementation, that is, one that runs kernel-side as a syscall, so it is shared by all processes.

We are dealing with cryptography here, and these APIs are used because they are known to work as expected. So if we "fake" them, we will decrease the security level.

comment:4 Changed 20 months ago by waddlesplash

Patches 1-3 applied in hrev51681.

comment:5 Changed 19 months ago by pulkomandy

comment:6 Changed 19 months ago by pulkomandy

Has a Patch: unset
Note: See TracTickets for help on using tickets.