• Jarod Wilson's avatar
    crypto: ansi_cprng - enforce key != seed in fips mode · 505172e1
    Jarod Wilson authored
    Apparently, NIST is tightening up its requirements for FIPS validation
    with respect to RNGs. Its always been required that in fips mode, the
    ansi cprng not be fed key and seed material that was identical, but
    they're now interpreting FIPS 140-2, section AS07.09 as requiring that
    the implementation itself must enforce the requirement. Easy fix, we
    just do a memcmp of key and seed in fips_cprng_reset and call it a day.
    
    v2: Per Neil's advice, ensure slen is sufficiently long before we
    compare key and seed to avoid looking at potentially unallocated mem.
    
    CC: Stephan Mueller <smueller@atsec.com>
    CC: Steve Grubb <sgrubb@redhat.com>
    Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
    Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    505172e1
ansi_cprng.c 11.1 KB