doc: explicitly state that rng self_test mustn't require rng initialization

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-10-24 08:30:06 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-11-04 02:56:25 +0100
commit: a57ff585661bcef9b6a8ce1a59ea10834ff92f91 (patch)
tree: 8ab7401d7864b3ae7457d424229c6a1725b67822
parent: 34d25befa62ceba5af915f25393c5f62093d4591 (diff)
download: gnutls-a57ff585661bcef9b6a8ce1a59ea10834ff92f91.tar.gz
2 files changed, 3 insertions, 2 deletions
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 6f4b743b88..1619bf0fa5 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -77,7 +77,7 @@ typedef struct gnutls_crypto_rnd {
 	int (*rnd) (void *ctx, int level, void *data, size_t datasize);
 	void (*rnd_refresh) (void *ctx);
 	void (*deinit) (void *ctx);
-	int (*self_test) (void);
+	int (*self_test) (void); /* this should not require rng initialization */
 } gnutls_crypto_rnd_st;
 
 typedef void *bigint_t;
diff --git a/lib/fips.c b/lib/fips.c
index 8a0ada34bc..677c047b7b 100644
--- a/lib/fips.c
+++ b/lib/fips.c
@@ -350,7 +350,8 @@ int _gnutls_fips_perform_self_checks2(void)
 		gnutls_assert();
 		goto error;
 	}
-	
+
+	/* this does not require rng initialization */
 	ret = _gnutls_rnd_ops.self_test();
 	if (ret < 0) {
 		gnutls_assert();
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-10-24 08:30:06 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-11-04 02:56:25 +0100
commit	a57ff585661bcef9b6a8ce1a59ea10834ff92f91 (patch)
tree	8ab7401d7864b3ae7457d424229c6a1725b67822
parent	34d25befa62ceba5af915f25393c5f62093d4591 (diff)
download	gnutls-a57ff585661bcef9b6a8ce1a59ea10834ff92f91.tar.gz