Skip to content

Backport 2.16: documentation updates for the xxx_drbg_set_entropy_len fix #2902

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 6 commits into from
Closed

Backport 2.16: documentation updates for the xxx_drbg_set_entropy_len fix #2902

wants to merge 6 commits into from

Conversation

@gilles-peskine-arm
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm commented Oct 23, 2019

Follow-up of #2894.

Partial backport of ARMmbed/mbed-crypto#305.

@gilles-peskine-arm
HMAC_DRBG: support set_entropy_len() before seed()
15a76ca 
mbedtls_hmac_drbg_seed() always set the entropy length to the default,
so a call to mbedtls_hmac_drbg_set_entropy_len() before seed() had no
effect. Change this to the more intuitive behavior that
set_entropy_len() sets the entropy length and seed() respects that and
only uses the default entropy length if there was no call to
set_entropy_len().
@gilles-peskine-arm
CTR_DRBG: Don't use functions before they're defined
9dbb271 
Move the definitions of mbedtls_ctr_drbg_seed_entropy_len() and
mbedtls_ctr_drbg_seed() to after they are used. This makes the code
easier to read and to maintain.
@gilles-peskine-arm
CTR_DRBG: support set_entropy_len() before seed()
32eb827 
mbedtls_ctr_drbg_seed() always set the entropy length to the default,
so a call to mbedtls_ctr_drbg_set_entropy_len() before seed() had no
effect. Change this to the more intuitive behavior that
set_entropy_len() sets the entropy length and seed() respects that and
only uses the default entropy length if there was no call to
set_entropy_len().

The former test-only function mbedtls_ctr_drbg_seed_entropy_len() is
no longer used, but keep it for strict ABI compatibility.
@gilles-peskine-arm
Changelog entry for xxx_drbg_set_entropy_len before xxx_drbg_seed
0215ee4
@gilles-peskine-arm
fixup! CTR_DRBG: support set_entropy_len() before seed()
b2e9ddb 
Remove a comment that documented a now-removed restriction.
@gilles-peskine-arm
fixup! HMAC_DRBG: support set_entropy_len() before seed()
6e34ea9
@gilles-peskine-arm gilles-peskine-arm added bug mbed TLS team needs-review Every commit must be reviewed by at least two team members, component-crypto Crypto primitives and low-level interfaces labels Oct 23, 2019
@gilles-peskine-arm
Copy link
Contributor Author

gilles-peskine-arm commented Oct 23, 2019

Oh, the original PR isn't merged yet. So I'll modify the original PR.

@gilles-peskine-arm gilles-peskine-arm deleted the drbg-set_entropy_len-doc_cleanup-2.16 branch October 23, 2019 15:51
@gilles-peskine-arm gilles-peskine-arm restored the drbg-set_entropy_len-doc_cleanup-2.16 branch October 23, 2019 15:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug component-crypto Crypto primitives and low-level interfaces needs-review Every commit must be reviewed by at least two team members,

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gilles-peskine-arm