On Mon, Feb 20, 2017 at 8:14 AM, Nikos Mavrogiannopoulos n.mavrogiannopoulos@gmail.com wrote:
For the yarrow reseed logic, I think it may be preferable with a global instance.
If we need yarrow, your recommendation seems to be the right approach. However, another thought that has been bugging me lately is whether we need yarrow in gnutls. It looks quite suited for something central like /dev/urandom which has several maybe untrusted inputs, but for gnutls which seeds from /dev/urandom (or the equivalent system calls), having a PRNG which concerns itself with manipulation of input may not be adding the security it is perceived to add.
And to answer myself, I do not think we need something as complex as yarrow in gnutls. Older systems may have needed it, but today we can rely on /dev/urandom and getentropy() interfaces, and as such I no longer think it is necessary to bring that complexity to gnutls.
I've redesigned the whole random generator and provided a high level description at: https://gitlab.com/gnutls/gnutls/blob/c6a01ff6c5a44a19b5f6dba9280da96cc28f92...
The corresponding code is at: https://gitlab.com/gnutls/gnutls/merge_requests/259
regards, Nikos