author | Jakub Jelen <jjelen@redhat.com> | 2022-08-16 15:30:43 +0200 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-08-30 11:02:15 +0900 |
commit | cf10c74bd9d5aa80798f1c0e23a9126f381b26b3 (patch) | |
tree | 1cc275d3edf11941c274a16224d20d861f521740 | |
parent | 285bf54b1ac7b5609a675655fe2cb9117ab78d3d (diff) | |
download | libgcrypt-cf10c74bd9d5aa80798f1c0e23a9126f381b26b3.tar.gz |
random: Use getrandom (GRND_RANDOM) in FIPS mode.

* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Use
GRND_RANDOM in FIPS Mode

--

Cherry-picked master commit:
aab1d63e4def41593312f76de016c885ffafecde

The SP800-90C (clarified in IG D.K.) requires the following when
different DRBGs are chained:
* the parent needs to be reseeded before generate operation
* the reseed & generate needs to be atomic

In RHEL, this is addressed by change in the kernel, that will do this
automatically, when the getentropy () is called with GRND_RANDOM flag.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r-- | random/rndgetentropy.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/random/rndgetentropy.c b/random/rndgetentropy.c index 7580873e..db4b09ed 100644 --- a/random/rndgetentropy.c +++ b/random/rndgetentropy.c @@ -82,7 +82,10 @@ _gcry_rndgetentropy_gather_random (void (*add)(const void*, size_t, { nbytes = length < sizeof (buffer)? length : sizeof (buffer); _gcry_pre_syscall (); - ret = getentropy (buffer, nbytes); + if (fips_mode ()) + ret = getrandom (buffer, nbytes, GRND_RANDOM); + else + ret = getentropy (buffer, nbytes); _gcry_post_syscall (); } while (ret == -1 && errno == EINTR); |
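Review bot: the new `ret = getrandom (buffer, nbytes, GRND_RANDOM);` branch gives `ret` a different meaning from the `getentropy` branch, and the retry condition `while (ret == -1 && errno == EINTR)` does not cover that difference. getentropy() returns 0 on success, while getrandom() returns the number of bytes written, which can be smaller than `nbytes`. The code after the loop is not part of this hunk, so please confirm it treats a positive `ret` as success and handles `ret < nbytes` by retrying or failing, rather than passing a partially filled `buffer` on to `add`. Second, the FIPS check is made at run time, so the getrandom() call and `GRND_RANDOM` are compiled on every platform that builds this file, and the diff adds no include or preprocessor guard. A system that provides getentropy() but not getrandom() would fail to build here; an `#ifdef GRND_RANDOM` around the FIPS branch would avoid that. Finally, the commit message says getentropy () is called with the GRND_RANDOM flag while the code calls getrandom(); a short comment above the `if (fips_mode ())` line naming the SP800-90C reseed requirement would record why the two paths differ.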