]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 98be2e8) | patch
fips-jitter: set provider into error state upon CRNG permanent failures
authorDimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Fri, 15 Nov 2024 05:32:33 +0000 (05:32 +0000)
committerTomas Mraz <tomas@openssl.org>
Mon, 25 Nov 2024 14:20:55 +0000 (15:20 +0100)
commitb9886a6f3483e0525596d3b3956416282038da82
tree070ce1de2f821e51b8101ecb80b74fa7d0dd13fetree
parent98be2e8fb60aaece2e4c3d42e87671fe22c081a2commit | diff
fips-jitter: set provider into error state upon CRNG permanent failures

With fips-jitter build time option, jitter can be inside FIPS
boundary.

Calls to jent_read_entropy() can return permanent failures for
Repetitive Count Test (RTC), Adaptive Proportion Test (APT), LAG
prediction test.

Ensure the module enters error state upon permanent jitter failures.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25957)
providers/implementations/rands/seed_src_jitter.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git