Subject: Re: Reseed testing in the FIPS DRBG implementation
Dr. Stephen Henson st...@openssl.org writes:
The OpenSSL DRBG implementation tests all variants during the POST
and also tests specific versions on instantiation. That includes an
extensive health check and a KAT. So
by: owner-openssl-...@openssl.orgDate: 08/16/2011 05:50PMSubject: Re: Reseed testing in the FIPS DRBG implementation"Dr. Stephen Henson" st...@openssl.org writes: The OpenSSL DRBG implementation tests all variants during the POST and also tests specific versions on instantiation. Tha
Dr. Stephen Henson st...@openssl.org writes:
The OpenSSL DRBG implementation tests all variants during the POST
and also tests specific versions on instantiation. That includes an
extensive health check and a KAT. So in that sense there will be two
KATs before a reseed takes place but no KAT
Hi. I'm working on FIPS-validating a product using OpenSSL (but with
a crypto module spanning wider, so we can't easily use the OpenSSL
crypto module). During code review, some questions about the RNG
tests have come up. Most specifically, from what I can read, SP
800-90 requires that (in
On Wed, Aug 03, 2011, Henrik Grindal Bakken wrote:
Hi. I'm working on FIPS-validating a product using OpenSSL (but with
a crypto module spanning wider, so we can't easily use the OpenSSL
crypto module). During code review, some questions about the RNG
tests have come up. Most
Dr. Stephen Henson st...@openssl.org writes:
On Wed, Aug 03, 2011, Henrik Grindal Bakken wrote:
Hi. I'm working on FIPS-validating a product using OpenSSL (but with
a crypto module spanning wider, so we can't easily use the OpenSSL
crypto module). During code review, some questions about