On Wed, Aug 03, 2011, Henrik Grindal Bakken wrote: > > Hi. I'm working on FIPS-validating a product using OpenSSL (but with > a crypto module spanning wider, so we can't easily use the OpenSSL > crypto module). During code review, some questions about the RNG > tests have come up. Most specifically, from what I can read, SP > 800-90 requires that (in 11.3.4) the reseed function shall perform a > known-answer test before reseeding, and from what I can read in the > code, this doesn't happen. > > Is there a reason for this? >
The OpenSSL implementation supports prediction resistance so 11.3.4 #2 should apply in this case. I notice however that it doesn't directly test entropy failure on an explicit reseed: though it does on a reseed caused by a PR request. I'll update it to include an explicit test too. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org