[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/04: gnu: Add jitterentropy-rngd.
|
From: |
guix-commits |
|
Subject: |
04/04: gnu: Add jitterentropy-rngd. |
|
Date: |
Tue, 5 Jan 2021 19:04:07 -0500 (EST) |
nckx pushed a commit to branch master
in repository guix.
commit c23541112d09d7bdf8b6dc5fed6717560249fad0
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Wed Jan 6 00:39:48 2021 +0100
gnu: Add jitterentropy-rngd.
* gnu/packages/linux.scm (jitterentropy-rngd): New public variable.
---
gnu/packages/linux.scm | 49 ++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 48 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index a8bb9db..71f21aa 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -7,7 +7,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2015, 2016, 2017, 2018, 2020 Efraim Flashner
<efraim@flashner.co.il>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice
<me@tobias.gr>
+;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016, 2017 Alex Kost <alezost@gmail.com>
;;; Copyright © 2016 Raymond Nicholson <rain1@openmailbox.org>
;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
@@ -2245,6 +2245,53 @@ IPv6 packet filter.
Both commands are targeted at system administrators.")
(license license:gpl2+)))
+(define-public jitterentropy-rngd
+ (package
+ (name "jitterentropy-rngd")
+ (version "1.2.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/smuellerDD/jitterentropy-rngd";)
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1fb8zfwhwkl1d8n4cdn7rdv5rwd75qgc00d36pmkl7wgnj3c9xda"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; no test suite
+ #:make-flags
+ (list (string-append "CC=" ,(cc-for-target))
+ (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ "UNITDIR=$(PREFIX)/lib/systemd/system")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)))) ; no ./configure script
+ (home-page "https://www.chronox.de/jent.html";)
+ (synopsis "CPU jitter random number generator daemon")
+ (description
+ "This simple daemon feeds entropy from the CPU Jitter @acronym{RNG, random
+number generator} core to the kernel Linux's entropy estimator. This prevents
+the @file{/dev/random} device from blocking and should benefit users of the
+preferred @file{/dev/urandom} and @code{getrandom()} interfaces too.
+
+The CPU Jitter RNG itself is part of the kernel and claims to provide good
+entropy by collecting and magnifying differences in CPU execution time as
+measured by the high-resolution timer built into modern CPUs. It requires no
+additional hardware or external entropy source.
+
+The random bit stream generated by @command{jitterentropy-rngd} is not
processed
+by a cryptographically secure whitening function. Nonetheless, its authors
+believe it to be a suitable source of cryptographically secure key material or
+other cryptographically sensitive data.
+
+If you agree with them, start this daemon as early as possible to provide
+properly seeded random numbers to services like SSH or those using TLS during
+early boot when entropy may be low, especially in virtualised environments.")
+ (license (list license:bsd-3 ; or
+ license:gpl2+))))
+
(define-public lsscsi
(package
(name "lsscsi")