1. 27 May, 2015 1 commit
    • Stephan Mueller's avatar
      crypto: drbg - prepare for async seeding · 3d6a5f75
      Stephan Mueller authored
      In order to prepare for the addition of the asynchronous seeding call,
      the invocation of seeding the DRBG is moved out into a helper function.
      
      In addition, a block of memory is allocated during initialization time
      that will be used as a scratchpad for obtaining entropy. That scratchpad
      is used for the initial seeding operation as well as by the
      asynchronous seeding call. The memory must be zeroized every time the
      DRBG seeding call succeeds to avoid entropy data lingering in memory.
      
      CC: Andreas Steffen <andreas.steffen@strongswan.org>
      CC: Theodore Ts'o <tytso@mit.edu>
      CC: Sandy Harris <sandyinchina@gmail.com>
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      3d6a5f75
  2. 23 Apr, 2015 1 commit
  3. 22 Apr, 2015 1 commit
  4. 21 Apr, 2015 6 commits
  5. 09 Mar, 2015 1 commit
  6. 04 Mar, 2015 2 commits
  7. 04 Jan, 2015 1 commit
  8. 22 Dec, 2014 1 commit
    • Stephan Mueller's avatar
      crypto: drbg - panic on continuous self test error · 905b42e5
      Stephan Mueller authored
      This patch adds a panic if the FIPS 140-2 self test error failed.
      Note, that entire code is only executed with fips_enabled (i.e. when the
      kernel is booted with fips=1. It is therefore not executed for 99.9% of
      all user base.
      
      As mathematically such failure cannot occur, this panic should never be
      triggered. But to comply with NISTs current requirements, an endless
      loop must be replaced with the panic.
      
      When the new version of FIPS 140 will be released, this entire
      continuous self test function will be ripped out as it will not be
      needed any more.
      
      This patch is functionally equivalent as implemented in ansi_cprng.c and drivers/char/random.c.
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      905b42e5
  9. 27 Nov, 2014 1 commit
  10. 26 Nov, 2014 1 commit
  11. 10 Nov, 2014 1 commit
  12. 24 Oct, 2014 1 commit
  13. 05 Sep, 2014 1 commit
  14. 26 Aug, 2014 1 commit
  15. 25 Aug, 2014 8 commits
  16. 01 Aug, 2014 1 commit
  17. 10 Jul, 2014 1 commit
  18. 08 Jul, 2014 6 commits
  19. 04 Jul, 2014 3 commits
  20. 26 Jun, 2014 1 commit