History log of /openbsd-src/lib/libc/crypt/arc4random.c (Results 1 – 25 of 58)
Revision Date Author Comments
# be1d1982 31-Jul-2022 tb <tb@openbsd.org>

fix indent


# d9204e62 31-Jul-2022 djm <djm@openbsd.org>

Randomise the rekey interval a little. Previously, the chacha20
instance would be rekeyed every 1.6MB. This makes it happen at a
random point somewhere in the 1-2MB range.

Feedback deraadt@ visa@, o

Randomise the rekey interval a little. Previously, the chacha20
instance would be rekeyed every 1.6MB. This makes it happen at a
random point somewhere in the 1-2MB range.

Feedback deraadt@ visa@, ok tb@ visa@

show more ...


# 822b16c6 28-Feb-2022 dtucker <dtucker@openbsd.org>

Remove unused ivbits argument from chacha_keysetup to match other
instances in the tree. ok deraadt@


# 1bdfaae3 24-Mar-2019 deraadt <deraadt@openbsd.org>

In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() wi

In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read. We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that.

show more ...


# 0d943ef0 13-Sep-2015 guenther <guenther@openbsd.org>

Wrap <stdlib.h> so that calls go direct and the symbols not in the
C standard are all weak.
Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the
arch-specific __strtorx, __ULtox_D2A, __strto

Wrap <stdlib.h> so that calls go direct and the symbols not in the
C standard are all weak.
Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the
arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols.

show more ...


# 9d355e46 10-Sep-2015 bcook <bcook@openbsd.org>

Add support for building arc4random with MSVC.

By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.

ok deraadt@ beck@ miod@


# aea60bee 16-Jan-2015 deraadt <deraadt@openbsd.org>

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther


# 08735ac4 15-Jan-2015 deraadt <deraadt@openbsd.org>

back in september I did the large abstraction refactoring to allow these
other systems to fit into the same mold, so add copyright


# 323bb523 21-Jul-2014 deraadt <deraadt@openbsd.org>

missing newline


# d976644e 20-Jul-2014 bcook <bcook@openbsd.org>

Move more OS-specific functionality to arc4random.h headers.

Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers.
On OpenBSD, move thread_private.h as well to arc4random.h.
On Windows,

Move more OS-specific functionality to arc4random.h headers.

Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers.
On OpenBSD, move thread_private.h as well to arc4random.h.
On Windows, use TerminateProcess on getentropy failure.

ok deraadt@

show more ...


# 40e6dbbd 19-Jul-2014 deraadt <deraadt@openbsd.org>

Change _rs_allocate so it can combine the two regions (rs and rsx)
into one if a system has an awesome getentropy(). In that case it
is valid to totally throw away the rsx state in the child. If th

Change _rs_allocate so it can combine the two regions (rs and rsx)
into one if a system has an awesome getentropy(). In that case it
is valid to totally throw away the rsx state in the child. If the
getentropy() is not very good and has a lazy reseed operation, this
combining is a bad idea, and the reseed should probably continue to
use the "something old, something new" mix. _rs_allocate() can
accomodate either method, but not on the fly.
ok matthew

show more ...


# 2ef411b6 18-Jul-2014 deraadt <deraadt@openbsd.org>

Seperate arc4random's os-dependent parts into static inline functions,
making it much easier for libressl -portable to fill in the gaps.
ok bcook beck


# 29a8d8f8 17-Jul-2014 deraadt <deraadt@openbsd.org>

"Race-free because we're running single-threaded in a new
address space, and once allocated rs is never deallocated."
document the forkhandler to save reviewers time, with matthew


# f32ced12 16-Jul-2014 deraadt <deraadt@openbsd.org>

#ifdef wrap the _rs_forkhandler


# 98694cd0 16-Jul-2014 bcook <bcook@openbsd.org>

added handler for an atfork hook from kettenis@

ok deraadt@ beck@ kettenis@


# d2556a96 13-Jul-2014 beck <beck@openbsd.org>

While we thought this would make portable life easier it actually
makes it much harder.
ok bcook@ kettenis@


# 205b4a08 12-Jul-2014 deraadt <deraadt@openbsd.org>

Wrap "thread_private.h" with #ifdef __OpenBSD__ so that other systems
can copy this file (plus chacha_private.h) directly and reuse it
trivially. Well, as long as they have a getentropy() as well..

Wrap "thread_private.h" with #ifdef __OpenBSD__ so that other systems
can copy this file (plus chacha_private.h) directly and reuse it
trivially. Well, as long as they have a getentropy() as well..
ok beck

show more ...


# fc506807 12-Jul-2014 deraadt <deraadt@openbsd.org>

Split arc4random_uniform into it's own file, to assist other projects
now using this as upstream code. The particular problem is systems
that contain older arc4random derivations lacking arc4random_

Split arc4random_uniform into it's own file, to assist other projects
now using this as upstream code. The particular problem is systems
that contain older arc4random derivations lacking arc4random_uniform().
ok tedu miod

show more ...


# 2cc388ba 09-Jul-2014 bcook <bcook@openbsd.org>

changes to improve portability

ok beck@ deraadt@ jsing@ guenther@


# 98a6c07d 27-Jun-2014 deraadt <deraadt@openbsd.org>

re-init and init code paths are now more shared, so the getpid()-based
portable code path must handle that; with brent cook


# 25c2b03a 26-Jun-2014 deraadt <deraadt@openbsd.org>

Add back an #ifndef MAP_INHERIT_ZERO chunk to support the old getpid()
mechanism, to aid in portability to other systems as requested.
ok matthew


# 99cf665f 25-Jun-2014 deraadt <deraadt@openbsd.org>

document why we explicit_bzero


# 51205cb4 20-Jun-2014 matthew <matthew@openbsd.org>

arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1

Allow other non-zero return values in case we change our mind to
return an ssize_t byte count instead of simple success/fail.

ok

arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1

Allow other non-zero return values in case we change our mind to
return an ssize_t byte count instead of simple success/fail.

ok deraadt, djm

show more ...


# 6e3588f2 19-Jun-2014 matthew <matthew@openbsd.org>

Move rs_chacha and rs_buf into the same memory page and don't mark it
MAP_INHERIT_ZERO anymore. This restores arc4random's previous
behavior where fork children would mix in some randomness from the

Move rs_chacha and rs_buf into the same memory page and don't mark it
MAP_INHERIT_ZERO anymore. This restores arc4random's previous
behavior where fork children would mix in some randomness from the
parent process.

New behavior noticed by deraadt
ok deraadt, tedu

show more ...


# 4caf194b 17-Jun-2014 matthew <matthew@openbsd.org>

Use MAP_INHERIT_ZERO in arc4random(3)

Now instead of calling getpid() each time a user invokes arc4random(),
we're able to rely on the kernel zero'ing out the RNG state if the
process forks.

ok der

Use MAP_INHERIT_ZERO in arc4random(3)

Now instead of calling getpid() each time a user invokes arc4random(),
we're able to rely on the kernel zero'ing out the RNG state if the
process forks.

ok deraadt, djm

show more ...


123