1. 08 May, 2020 25 commits
  2. 30 Apr, 2020 11 commits
  3. 24 Apr, 2020 4 commits
    • Tang Bin's avatar
      crypto: bcm - Delete redundant variable definition · 9c3d6497
      Tang Bin authored
      The variable "i" is redundant to be assigned a value
      of zero,because it's assigned in the for loop, so remove
      redundant one here.
      Signed-off-by: default avatarShengju Zhang <zhangshengju@cmss.chinamobile.com>
      Signed-off-by: default avatarTang Bin <tangbin@cmss.chinamobile.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      9c3d6497
    • Stephan Müller's avatar
      crypto: drbg - always seeded with SP800-90B compliant noise source · 97f2650e
      Stephan Müller authored
      As the Jitter RNG provides an SP800-90B compliant noise source, use this
      noise source always for the (re)seeding of the DRBG.
      
      To make sure the DRBG is always properly seeded, the reseed threshold
      is reduced to 1<<20 generate operations.
      
      The Jitter RNG may report health test failures. Such health test
      failures are treated as transient as follows. The DRBG will not reseed
      from the Jitter RNG (but from get_random_bytes) in case of a health
      test failure. Though, it produces the requested random number.
      
      The Jitter RNG has a failure counter where at most 1024 consecutive
      resets due to a health test failure are considered as a transient error.
      If more consecutive resets are required, the Jitter RNG will return
      a permanent error which is returned to the caller by the DRBG. With this
      approach, the worst case reseed threshold is significantly lower than
      mandated by SP800-90A in order to seed with an SP800-90B noise source:
      the DRBG has a reseed threshold of 2^20 * 1024 = 2^30 generate requests.
      
      Yet, in case of a transient Jitter RNG health test failure, the DRBG is
      seeded with the data obtained from get_random_bytes.
      
      However, if the Jitter RNG fails during the initial seeding operation
      even due to a health test error, the DRBG will send an error to the
      caller because at that time, the DRBG has received no seed that is
      SP800-90B compliant.
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      97f2650e
    • Stephan Müller's avatar
      crypto: jitter - SP800-90B compliance · 764428fe
      Stephan Müller authored
      SP800-90B specifies various requirements for the noise source(s) that
      may seed any DRNG including SP800-90A DRBGs. In November 2020,
      SP800-90B will be mandated for all noise sources that provide entropy
      to DRBGs as part of a FIPS 140-[2|3] validation or other evaluation
      types. Without SP800-90B compliance, a noise source is defined to always
      deliver zero bits of entropy.
      
      This patch ports the SP800-90B compliance from the user space Jitter RNG
      version 2.2.0.
      
      The following changes are applied:
      
      - addition of (an enhanced version of) the repetitive count test (RCT)
        from SP800-90B section 4.4.1 - the enhancement is due to the fact of
        using the stuck test as input to the RCT.
      
      - addition of the adaptive proportion test (APT) from SP800-90B section
        4.4.2
      
      - update of the power-on self test to perform a test measurement of 1024
        noise samples compliant to SP800-90B section 4.3
      
      - remove of the continuous random number generator test which is
        replaced by APT and RCT
      
      Health test failures due to the SP800-90B operation are only enforced in
      FIPS mode. If a runtime health test failure is detected, the Jitter RNG
      is reset. If more than 1024 resets in a row are performed, a permanent
      error is returned to the caller.
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      764428fe
    • Colin Ian King's avatar
      crypto: algif_rng - remove redundant assignment to variable err · 63e05f32
      Colin Ian King authored
      The variable err is being initialized with a value that is never read
      and it is being updated later with a new value.  The initialization is
      redundant and can be removed.
      
      Addresses-Coverity: ("Unused value")
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      63e05f32