From 582cf3182e7dbaea178eabc8357f5c7ac8f2c2c3 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Mon, 17 Sep 2018 16:16:57 -0700
Subject: [PATCH] FIPSv2: RNG Update 1. Update the SEED_BLOCK_SZ to 4 for non-FIPS builds. 2. Change fips-check.sh to skip copying over the random.{c,h} files for now. Need the tagged versions of the other files and the new random for now.
---
 fips-check.sh | 2 ++
 wolfcrypt/src/random.c | 5 ++---
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/fips-check.sh b/fips-check.sh
index a88f583d2..901053ea5 100755
--- a/fips-check.sh
+++ b/fips-check.sh
@@ -161,6 +161,8 @@ linuxv2)
 CRYPT_VERSION=$LINUXV2_CRYPT_VERSION
 CRYPT_INC_PATH=wolfssl/wolfcrypt
 CRYPT_SRC_PATH=wolfcrypt/src
+# Replace the WC_MODS list for now. Do not want to copy over random.c yet.
+ WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )
 WC_MODS+=( cmac dh ecc )
 FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
 FIPS_INCS=( fips.h )
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 0dc71be55..597fbb24f 100755
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -225,9 +225,8 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
 /* RDSEED outputs in blocks of 64-bits. */
 #define SEED_BLOCK_SZ sizeof(word64)
 #else
- /* Setting the default to 2. It is not unreasonable for /dev/random
- * or /dev/urandom to return two bytes that are the same. */
- #define SEED_BLOCK_SZ 2
+ /* Setting the default to 4. */
+ #define SEED_BLOCK_SZ 4
 #endif
 #endif
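Review bot: The added `WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )` in the `linuxv2)` case overwrites the whole array instead of dropping one entry, so it must now be kept in step by hand with wherever WC_MODS is first defined, which is outside this hunk. With random left out, the linuxv2 check build compiles the working-tree random.{c,h} rather than a tagged copy, so a passing run presumably says nothing about the tagged RNG source. The comment says "for now" without naming the condition that ends the workaround. I would replace it with `# TODO: put random back in WC_MODS once a tagged random.{c,h} exists for linuxv2; until then this build uses the untagged RNG source.`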
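Review bot: The replacement comment `/* Setting the default to 4. */` drops the rationale the removed comment gave and offers none for the new value, so a reader cannot tell why 4 was chosen or whether a smaller override is safe. Judging by the removed text, the constant presumably sizes the blocks compared in a seed repetition check, though that code is not in this hunk. I would write `/* Default to 4 bytes: with 2-byte blocks a healthy /dev/random or /dev/urandom can plausibly return two equal adjacent blocks. */`. Note also that this branch yields an `int` constant while the RDSEED branch yields `size_t` from `sizeof(word64)`, so comparisons against SEED_BLOCK_SZ differ in signedness between builds. The enclosing `#if` block opens before the hunk.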