projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd353c7) | patch
Add the FIPS related continuous random number generator (CRNG) testing.
authorPauli <paul.dale@oracle.com>
Fri, 29 Mar 2019 07:50:48 +0000 (17:50 +1000)
committerPauli <paul.dale@oracle.com>
Fri, 29 Mar 2019 07:50:48 +0000 (17:50 +1000)
commitd69226a3fc8e8448572d175e8d96ff7e817b1ebd
tree059ab7b3c416073522c9cc8903fe96c8637de6f1tree | snapshot
parentcd353c7768e7f1dfdfe369be900666241ddedefbcommit | diff
Add the FIPS related continuous random number generator (CRNG) testing.
Refer to FIPS 140-2 section 4.9.2 Conditional Tests for details.

The check is fairly simplistic, being for the entropy sources to not feed
the DRBG the same block of seed material twice in a row.  Only the first
DRBG in a chain is subject to this check, latter DRBGs are assumed to be
safely seeded via the earlier DRBGs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8599)
crypto/include/internal/rand_int.h diff | blob | history
crypto/rand/build.info diff | blob | history
crypto/rand/drbg_lib.c diff | blob | history
crypto/rand/rand_crng_test.c [new file with mode: 0644] blob
crypto/rand/rand_lcl.h diff | blob | history
test/drbgtest.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.