vikarti.anatra/safing-portbase
1
0
Fork 0
mirror of https://github.com/safing/portbase synced 2025-09-02 18:50:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #52 from safing/fix/make-second-os-rng-feed-async

Browse source 
Make second OS rng feed async
This commit is contained in:
Patrick Pacher 2020-05-29 14:46:01 +02:00 committed by GitHub
commit 03eaf58e69
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
rng/rng.go
View file

@ -1,6 +1,7 @@
package rng package rng
import ( import (
"context"
"crypto/aes" "crypto/aes"
"crypto/cipher" "crypto/cipher"
"crypto/rand" "crypto/rand"
@ -49,14 +50,22 @@ func start() error {
return errors.New("failed to initialize rng") return errors.New("failed to initialize rng")
} }
// explicitly add randomness // add another (async) OS rng seed
osEntropy := make([]byte, minFeedEntropy/8) module.StartWorker("initial rng feed", func(_ context.Context) error {
_, err := rand.Read(osEntropy) // get entropy from OS
if err != nil { osEntropy := make([]byte, minFeedEntropy/8)
return fmt.Errorf("could not read entropy from os: %s", err) _, err := rand.Read(osEntropy)
} if err != nil {
rng.Reseed(osEntropy) return fmt.Errorf("could not read entropy from os: %s", err)
}
// feed
rngLock.Lock()
rng.Reseed(osEntropy)
rngLock.Unlock()
return nil
})
// mark as ready
rngReady = true rngReady = true
// random source: OS // random source: OS