
random: Use getrandom (GRND_RANDOM) in FIPS mode.
Concern Raised · cf10c74bd9d5 · Unpublished

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

random: Use getrandom (GRND_RANDOM) in FIPS mode.

* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Use
  GRND_RANDOM in FIPS Mode

Cherry-picked master commit:
aab1d63e4def41593312f76de016c885ffafecde

The SP800-90C (clarified in IG D.K.) requires the following when
different DRBGs are chained:

  • the parent needs to be reseeded before generate operation
  • the reseed & generate needs to be atomic

In RHEL, this is addressed by change in the kernel, that will do this
automatically, when the getentropy () is called with GRND_RANDOM flag.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Details

Auditors
werner
Provenance
Jakuje authored on Aug 16 2022, 3:30 PM
gniibe committed on Aug 30 2022, 4:02 AM
Parents
rC285bf54b1ac7: Simplify the PCT for RSA and ECDSA
Branches
Unknown
Tags
Unknown

Event Timeline

werner added a subscriber: werner.

This does not work.

  • getentropy always fills the BUFFER with the requested NBYTES.
  • getrandom fills the BUFFER with up to NBYTES and returns the number of bytes actually stored.

Thus NBYTES needs to be set to the value of ret after error checking.

This commit now has outstanding concerns.
Aug 30 2022, 9:55 AM
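The short-read behaviour raised in the comment above, as an added example that is not libgcrypt code and not part of the original commit: a caller of getrandom has to account for the returned byte count and loop until the buffer is full. The names `fill_exact`, `rand_src_fn` and `stub_short_source` are hypothetical, and the stub is a constructed stand-in that forces short returns so the loop can be exercised without depending on kernel entropy state.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Same shape as getrandom(2), so a test double can stand in for it. */
typedef ssize_t (*rand_src_fn)(void *buf, size_t buflen, unsigned int flags);

/* Fill buf with exactly len bytes; 0 on success, -1 with errno set on failure. */
int fill_exact(rand_src_fn src, void *buf, size_t len, unsigned int flags)
{
    unsigned char *p = buf;

    while (len > 0) {
        ssize_t ret = src(p, len, flags);
        if (ret < 0) {
            if (errno == EINTR)
                continue;               /* interrupted before any byte: retry */
            return -1;                  /* real error: never use the buffer */
        }
        if (ret == 0) { errno = EIO; return -1; }  /* no progress: fail, don't spin */
        p += (size_t)ret;               /* count only the bytes actually stored */
        len -= (size_t)ret;
    }
    return 0;
}

/* Constructed stand-in: EINTR on the first call, then at most 3 bytes per call. */
static int stub_calls;
ssize_t stub_short_source(void *buf, size_t buflen, unsigned int flags)
{
    (void)flags;
    if (stub_calls++ == 0) { errno = EINTR; return -1; }
    size_t n = buflen < 3 ? buflen : 3;
    memset(buf, 0xA5, n);
    return (ssize_t)n;
}

int main(void)
{
    unsigned char seed[32];
    /* Real source with the flag the commit uses in FIPS mode. */
    return fill_exact(getrandom, seed, sizeof seed, GRND_RANDOM) ? 1 : 0;
}
```

Treating a non-negative return as "buffer filled" would leave the tail of the buffer with whatever it held before, which for seed material means less entropy than the caller believes it has.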