On 11/15/19 14:28, Ard Biesheuvel wrote: > On Thu, 14 Nov 2019 at 04:39, Wang, Jian J <jian.j.w...@intel.com> wrote: >> >> Mike, >> >> I figured that rdseed is only needed in cases demanding highest entropy, >> like seeding other pseudo-RNG. It's not for general purpose randomness. >> Then I put it in SecurityPkg. But I'm ok to put it into MdePkg. I have no >> strong opinion for this. >> > > I think it is a bad idea to use the same library abstraction [RngLib] > for exposing > a) entropy sources used for seeding deterministic random number generators > b) deterministic random number generators themselves > c) low entropy pseudo-RNGs based on timestamp counters, etc > > given that the use cases don't usually overlap. I.e., only a DRBG > implementation requires a), and exports RngLib itself based on that. > Use cases that can tolerate c) [like IV generators for block > encryption] are typically disjoint from ones that require b) [for key > generation]. The idea that you can use RngLib for all of them, and > plug arbitrary instantiations of it into each is misguided IMHO.
Thank you for this awesome explanation! Laszlo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#50736): https://edk2.groups.io/g/devel/message/50736 Mute This Topic: https://groups.io/mt/56714084/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
