From: Simon J. Gerraty (sjgcrufty.net)
Date: Mon Feb 20 2006 - 17:26:11 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 20 Feb 2006 16:45:09 -0500, Thor Lancelot Simon writes:
>That depends what level you're certifying to. At level 4, IIRC, periodic

Sure, but interesting level 4 modules are very rare ;-)

>correct, however. Is it really the case that output from a hardware
>source should only be fed into the software mixing function if the raw
>HW output passes the tests? I am not so sure, and think the issue

That's what I was told to do. It took some debate to avoid needing
to _always_ test the output from /dev/urandom (my chosen seed source)
even when not being used for crypto purposes. Different labs seem to
vary depending on how conservative they are.

>We should be doing continuous-output tests on all random number sources,
>and on the generator output, no matter what. It is a little tricky to see
>how to do them for callers that use the interface for adding bulk data,
>though; in those cases it needs to be done within the caller itself, I
>think.

Question is, what to do when such a test fails? I chose to panic() as
the simplest means of meeting the requirement that all non-status
output should stop.

--sjg

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]