projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3b804c5) | patch
fips selftest: avoid relying on a real RNG for self tests
authorPauli <pauli@openssl.org>
Tue, 5 Sep 2023 00:16:49 +0000 (10:16 +1000)
committerPauli <pauli@openssl.org>
Tue, 3 Oct 2023 07:54:03 +0000 (18:54 +1100)
commitbc347a35d025b989abfeb8ef556f895cb1ee9381
treebed1fe9df817b292be9d7f71de913c8eecb9f957tree | snapshot
parent3b804c513d8d586ba8df064ee7893c10f0a0759ccommit | diff
fips selftest: avoid relying on a real RNG for self tests

Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG.  This leaves the DRBG setup
pristine and permits later replacement of the seed source despite
the very early running power up self tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22210)
crypto/rand/rand_lib.c diff | blob | history
include/crypto/rand.h diff | blob | history
include/openssl/core_names.h diff | blob | history
providers/fips/self_test.c diff | blob | history
providers/fips/self_test_kats.c diff | blob | history
providers/implementations/rands/test_rng.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.