by cyphar
2423 days ago
The problem is that the "right kernel API" (get_random_u32) will return whatever the hardware-provided RNG returns if it's available[1]. There is assembly in WireGuard for the crypto primitive implementations, but those are generated by scripts and are based on either formally-proven implementations or highly-vetted ones.

[1]: https://elixir.bootlin.com/linux/v5.3.6/source/drivers/char/...