FIPSv2: RNG Update

1. Update the SEED_BLOCK_SZ to 4 for non-FIPS builds.
2. Change fips-check.sh to skip copying over the random.{c,h} files for
now. Need the tagged versions of the other files and the new random for
now.
John Safranek
2018-09-17 16:16:57 -07:00
parent 4aa85f956f
commit 582cf3182e
2 changed files with 4 additions and 3 deletions


@ -161,6 +161,8 @@ linuxv2)
CRYPT_VERSION=$LINUXV2_CRYPT_VERSION CRYPT_VERSION=$LINUXV2_CRYPT_VERSION
CRYPT_INC_PATH=wolfssl/wolfcrypt CRYPT_INC_PATH=wolfssl/wolfcrypt
CRYPT_SRC_PATH=wolfcrypt/src CRYPT_SRC_PATH=wolfcrypt/src
# Replace the WC_MODS list for now. Do not want to copy over random.c yet.
WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )
WC_MODS+=( cmac dh ecc ) WC_MODS+=( cmac dh ecc )
FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c ) FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
FIPS_INCS=( fips.h ) FIPS_INCS=( fips.h )
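Review bot: The new `WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )` line in the `linuxv2)` case overwrites the list instead of removing only `random`, so it will silently drift if the default list defined outside this hunk changes. It also means the checked-out FIPSv2 tree keeps whatever `random.{c,h}` is in the working copy rather than a tagged version. The "for now" comment gives no condition for undoing that. I would extend the comment to say so, e.g. `# TEMPORARY: random.{c,h} are taken from the working tree, not a FIPS tag; restore the default WC_MODS once the tagged random is available.` If the script can tell, it should also print a warning when run in this mode, so a tree built this way is not mistaken for the tagged module set. The `linuxv2)` case starts and ends outside the hunk.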


@ -225,9 +225,8 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
/* RDSEED outputs in blocks of 64-bits. */ /* RDSEED outputs in blocks of 64-bits. */
#define SEED_BLOCK_SZ sizeof(word64) #define SEED_BLOCK_SZ sizeof(word64)
#else #else
/* Setting the default to 2. It is not unreasonable for /dev/random /* Setting the default to 4. */
* or /dev/urandom to return two bytes that are the same. */ #define SEED_BLOCK_SZ 4
#define SEED_BLOCK_SZ 2
#endif #endif
#endif #endif
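Review bot: The replacement comment `/* Setting the default to 4. */` drops the rationale the old comment carried and does not say why 4 is the right block size. The uses of `SEED_BLOCK_SZ` are outside the hunk, but the old wording suggests it is the granularity at which adjacent seed blocks are compared. If so, the comment should say that, e.g. `/* Seed is compared in 4-byte blocks; two equal adjacent 2-byte blocks from /dev/random or /dev/urandom are plausible, 4-byte ones much less so. */`. Separately, this branch defines the macro as a plain `int` constant while the RDSEED branch uses `sizeof(word64)`, which is a `size_t`. Writing `#define SEED_BLOCK_SZ ((word32)4)`, or using a matching cast in both branches, would keep comparisons and loop bounds at the same signedness in either build. The enclosing `#if` conditions start outside the hunk, so which configurations reach this `#else` cannot be confirmed from here.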