[PATCH master 1/2] crypto: ecc: use HWRNG for random numbers
Sascha Hauer
s.hauer at pengutronix.de
Tue Apr 22 01:25:05 PDT 2025
On Thu, 17 Apr 2025 08:21:51 +0200, Ahmad Fatoum wrote:
> The kernel's get_random_bytes provides random numbers suitable for crypto
> purposes, while in barebox, we need to use get_crypto_bytes for that.
>
> This footgun needs to be fixed, but until we do, let's make sure crypto
> code doesn't use a badly seeded PRNG.
>
> Fortunately crypto_ecdh_shared_secret is currently unused and this
> doesn't affect any upstream users.
>
> [...]
Applied, thanks!
[1/2] crypto: ecc: use HWRNG for random numbers
https://git.pengutronix.de/cgit/barebox/commit/?id=4532f50b8a8a (link may not be stable)
[2/2] crypto: imx-scc: blobgen: use HWRNG for random numbers
https://git.pengutronix.de/cgit/barebox/commit/?id=cc8b962b1dca (link may not be stable)
Best regards,
--
Sascha Hauer <s.hauer at pengutronix.de>
More information about the barebox
mailing list