mirror of
https://github.com/opnsense/src.git
synced 2026-06-05 06:42:56 -04:00
c8ebbd28aa
The EFI RNG on some platforms takes a long time if we request 2048 bytes of entropy, so we would like to request less; but our kernel Fortuna RNG needs to be fed 2048 bytes in order to consider itself "fully seeded". If we have between 64 bytes (the size of a single Fortuna pool and enough to guarantee cryptographic security) and 2048 bytes (what Fortuna wants) then the boot process will hang waiting for more entropy despite in fact having enough to operate securely. Since 64 bytes of entropy is plenty to be cryptographically secure (an attack of cost ~ 2^128 is infeasible, which implies a mere 16 bytes of entropy), use PBKDF2 (aka pkcs5v2_genkey_raw) to spread the entropy across 2048 bytes. This is secure since PBKDF2 has the property that every subset of output bytes has within O(1) of the maximum possible amount of entropy. Reviewed by: pjd MFC after: 1 week Sponsored by: Amazon Differential Revision: https://reviews.freebsd.org/D46635 |
||
|---|---|---|
| .. | ||
| arm64 | ||
| common | ||
| defaults | ||
| efi | ||
| fdt | ||
| ficl | ||
| ficl32 | ||
| fonts | ||
| forth | ||
| i386 | ||
| images | ||
| kboot | ||
| kshim | ||
| liblua | ||
| liblua32 | ||
| libofw | ||
| libsa | ||
| libsa32 | ||
| lua | ||
| man | ||
| powerpc | ||
| uboot | ||
| usb | ||
| userboot | ||
| defs.mk | ||
| fdt.mk | ||
| ficl.mk | ||
| loader.mk | ||
| lua.mk | ||
| Makefile | ||
| Makefile.amd64 | ||
| Makefile.inc | ||
| veriexec.mk | ||