
[MirageOS-devel] mirage-entropy



Hi,

for our upcoming release of ocaml-tls, we need to seed our random
number generator (which is Fortuna, implemented here
https://github.com/mirleft/ocaml-nocrypto/blob/master/src/rng.ml ).

To achieve that, I implemented an ENTROPY device in mirage and
mirage-types (https://github.com/mirage/mirage/pull/256) - whose API
is only a single function:

  val entropy : t -> int -> [ `Ok of buffer | `Error of error ] io
  (** [entropy t count] returns a [buffer] of [count] bytes from the
      entropy pool [t]. *)

The buffer is a Cstruct.t in the V1_LWT interface.

The purpose is to get (in a non-blocking manner) some entropy bytes.
If no entropy device is available, an error is thrown
(type error = [ `No_entropy_device of string ]).

Furthermore, I implemented a Unix version
(https://github.com/mirage/mirage-entropy) which reads the bytes from
/dev/random (any ideas whether there is a POSIX way to get entropy,
not random?). On Xen the stub implementation currently errors out -
the idea is that the host system provides an entropy device for the
virtual machine guests (this code needs to be written, any volunteers?).


Hannes
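A stand-alone sketch of the interface described in the message above, added as an example; it is not part of the original post and is not the mirage-entropy source. Assumptions: it is synchronous and uses Bytes.t and a plain result where the V1_LWT interface uses Cstruct.t and an Lwt io, and the names connect, disconnect and the ?path parameter are hypothetical. It links against the OCaml unix library.

```ocaml
(* Added sketch, not the mirage-entropy code. Same error type and same
   [entropy t count] shape as in the message; the rest is assumed. *)

type error = [ `No_entropy_device of string ]

type t = { fd : Unix.file_descr; path : string }

(* Hypothetical constructor: the device path is a parameter so the error
   case can be exercised with a path that does not exist. *)
let connect ?(path = "/dev/random") () : [ `Ok of t | `Error of error ] =
  try `Ok { fd = Unix.openfile path [ Unix.O_RDONLY; Unix.O_CLOEXEC ] 0; path }
  with Unix.Unix_error (e, _, _) ->
    `Error (`No_entropy_device (path ^ ": " ^ Unix.error_message e))

(* [entropy t count] returns exactly [count] bytes or an error. A single
   read(2) on /dev/random may return fewer bytes than requested, so keep
   reading until the buffer is full instead of handing a partly filled
   (and partly predictable) buffer to the RNG as seed material. *)
let entropy t count : [ `Ok of Bytes.t | `Error of error ] =
  if count < 0 then invalid_arg "entropy: negative count";
  let buf = Bytes.create count in
  let rec fill off =
    if off = count then `Ok buf
    else
      match Unix.read t.fd buf off (count - off) with
      | 0 -> `Error (`No_entropy_device (t.path ^ ": unexpected end of file"))
      | n -> fill (off + n)
      | exception Unix.Unix_error (Unix.EINTR, _, _) -> fill off
      | exception Unix.Unix_error (e, _, _) ->
        `Error (`No_entropy_device (t.path ^ ": " ^ Unix.error_message e))
  in
  fill 0

let disconnect t = Unix.close t.fd

let () =
  (match connect () with
   | `Error (`No_entropy_device msg) -> prerr_endline ("no entropy: " ^ msg)
   | `Ok t ->
     (match entropy t 32 with
      | `Ok seed -> Printf.printf "got %d seed bytes\n" (Bytes.length seed)
      | `Error (`No_entropy_device msg) -> prerr_endline ("no entropy: " ^ msg));
     disconnect t);
  (* Constructed failure case: a device path that does not exist. *)
  match connect ~path:"/nonexistent/entropy" () with
  | `Error (`No_entropy_device msg) -> print_endline ("expected error: " ^ msg)
  | `Ok t -> disconnect t
```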
