wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5860 from tmael/entropy_memuse

Browse Source 
Increase RNG_SECURITY_STRENGTH for FIPS
This commit is contained in:
Sean Parkinson
2022-12-08 08:26:07 +10:00
committed by GitHub
parent 099135b2f9 1e0886180b
commit 1f607ee560
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/random.c
View File

@ -258,7 +258,12 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
* minimum bits of entropy per bit of NDRNG output. */ * minimum bits of entropy per bit of NDRNG output. */
#if defined(HAVE_ENTROPY_MEMUSE) #if defined(HAVE_ENTROPY_MEMUSE)
/* Full strength, conditioned entropy is requested of MemUse Entropy. */ /* Full strength, conditioned entropy is requested of MemUse Entropy. */
#define ENTROPY_SCALE_FACTOR (1) #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)
#define ENTROPY_SCALE_FACTOR (4)
#else
#define ENTROPY_SCALE_FACTOR (1)
#endif
#elif defined(HAVE_AMD_RDSEED) #elif defined(HAVE_AMD_RDSEED)
/* This will yield a SEED_SZ of 16kb. Since nonceSz will be 0, /* This will yield a SEED_SZ of 16kb. Since nonceSz will be 0,
* we'll add an additional 8kb on top. */ * we'll add an additional 8kb on top. */