Skip to content
Commit 5b739ef8 authored by Neil Horman's avatar Neil Horman Committed by Herbert Xu
Browse files

random: Add optional continuous repetition test to entropy store based rngs



FIPS-140 requires that all random number generators implement continuous self
tests in which each extracted block of data is compared against the last block
for repetition.  The ansi_cprng implements such a test, but it would be nice if
the hw rng's did the same thing.  Obviously its not something thats always
needed, but it seems like it would be a nice feature to have on occasion. I've
written the below patch which allows individual entropy stores to be flagged as
desiring a continuous test to be run on them as is extracted.  By default this
option is off, but is enabled in the event that fips mode is selected during
bootup.

Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
Acked-by: default avatarMatt Mackall <mpm@selenic.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent b6f34d44
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment