package mirage-crypto-rng

Entropy sources.

sources () returns the list of available sources.

pp_source ppf source pretty-prints the entropy source on ppf.

register_source name registers name as entropy source.

whirlwind_bootstrap id exploits CPU-level data races which lead to execution-time variability. It returns 200 bytes random data prefixed by id.

See http://www.ieee-security.org/TC/SP2014/papers/Not-So-RandomNumbersinVirtualizedLinuxandtheWhirlwindRNG.pdf for further details.

cpu_rng_bootstrap id returns 8 bytes of random data using the CPU RNG (rdseed). On 32bit platforms, only 4 bytes are filled. The id is used as prefix. If only rdrand is available, the return value is the concatenation of 512 calls to rdrand.

• raises Failure

  if rdrand fails 512 times, or if rdseed fails and rdrand is not available.

bootstrap id is either cpu_rng_bootstrap, if the CPU supports it, or whirlwind_bootstrap if not.

interrupt_hook collects lower bytes from the cycle counter, to be used for entropy collection in the event loop.

timer_accumulator g is the accumulator for the timer source, applying interrupt_hook on each call.

feed_pools g source f feeds all pools of g using source by executing f for each pool.

cpu_rng g uses the CPU RNG (rdrand or rdseed) to feed all pools of g. It uses feed_pools internally. If neither rdrand nor rdseed are available, `Not_supported is returned.

rdrand_calls () returns the number of rdrand calls.

rdrand_failures () returns the number of rdrand failures.

rdseed_calls () returns the number of rdseed calls.

rdseed_failures () returns the number of rdseed failures.