
DRBG Reseed function needs to be tested on POST

RESOLVED FIXED in 3.12.4

Status

P1
blocker
RESOLVED FIXED
10 years ago
10 years ago

People

(Reporter: rrelyea, Assigned: rrelyea)

Tracking

3.12.4
3.12.4

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: FIPS Thaw)

Attachments

(1 attachment)

(Assignee)

Description

10 years ago
In FIPS mode, the DRBG reseed function needs to be tested on Powerup along with the other functions.
(Assignee)

Updated

10 years ago
Whiteboard: FIPS Thaw
(Assignee)

Comment 1

10 years ago
Created attachment 384170 [details] [diff] [review]
Add reseed tests.
Attachment #384170 - Flags: review?(nelson)
Priority: -- → P1
Comment on attachment 384170 [details] [diff] [review]
Add reseed tests.

Bob, here is a question for you about your intention for this patch.
Please answer this question with re-reading the patch first. :)

Given that the size of the array entropy[]          is 80 bytes,
           the size of the array reseed_entropy[]   is 32 bytes, 
           the size of the array additional_input[] is 32 bytes, 
what sizes did you intend for these arrays?:
           rng_known_result[]
           rng_reseed_result[]
           result[] 

Did you intend them to be 64?  32?  a power of 2?  a multiple of 8? 

Would you be surprised to learn that it is an ODD number, and 
is not merely one greater or one less than a power of 2?  

(Answer that now, and then go look at the patch.)

If you actually intended for those result arrays to have length of 
fifty five bytes, then this patch is OK, otherwise ...

Please advise.
(Assignee)

Comment 3

10 years ago
result, rng_known_result and rng_reseed_result are 440 bits (the length of the internal state of the prng).

The original inputs were taken from a standard sha256 sample test given to us by the lab. That test had an output of 3000 some bits. When I added the prng I shrunk that down to 440 since I was adding a second test, and I figured 440 is enough bits to be confident the internal state was really correct.

440 bits are 55 bytes, so thus the odd number

bob
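
Added example, not part of the bug thread or the NSS patch: a sketch of why the reseed path needs its own known-answer check at power-up, assuming a SHA-256 Hash_DRBG in the style of NIST SP 800-90A (seedlen 440 bits, so 55-byte results). The inputs, the `BrokenReseed` fault and the `power_up_test` helper are constructed for illustration, and the expected values are computed from the reference class as stand-ins for fixed vectors.

```python
from hashlib import sha256

SEEDLEN = 55  # bytes: 440-bit seedlen of a SHA-256 Hash_DRBG (assumed construction)
ENTROPY = bytes(range(80))  # constructed inputs, sized like the arrays in the review
RESEED_ENTROPY, ADDITIONAL_INPUT = bytes(range(32)), bytes(range(32, 64))

def hash_df(data, nbytes):  # SP 800-90A Hash_df
    out, counter = b"", 1
    while len(out) < nbytes:
        out += sha256(bytes([counter]) + (nbytes * 8).to_bytes(4, "big") + data).digest()
        counter += 1
    return out[:nbytes]

def add(v, *terms):  # (V + terms) mod 2^seedlen, big-endian
    total = int.from_bytes(v, "big") + sum(terms)
    return (total % (1 << 8 * SEEDLEN)).to_bytes(SEEDLEN, "big")

class HashDRBG:
    def __init__(self, entropy):
        self._set_state(hash_df(entropy, SEEDLEN))

    def _set_state(self, seed):
        self.v, self.c, self.counter = seed, hash_df(b"\x00" + seed, SEEDLEN), 1

    def reseed(self, entropy, additional=b""):
        self._set_state(hash_df(b"\x01" + self.v + entropy + additional, SEEDLEN))

    def generate(self, nbytes):
        out, data = b"", self.v
        while len(out) < nbytes:  # Hashgen: hash V, V+1, ...
            out, data = out + sha256(data).digest(), add(data, 1)
        h = int.from_bytes(sha256(b"\x03" + self.v).digest(), "big")
        self.v, self.counter = add(self.v, h, int.from_bytes(self.c, "big"), self.counter), self.counter + 1
        return out[:nbytes]

class BrokenReseed(HashDRBG):
    def reseed(self, entropy, additional=b""):
        pass  # constructed fault: reseed silently leaves the state unchanged

def run(cls):
    drbg = cls(ENTROPY)
    first = drbg.generate(SEEDLEN)
    drbg.reseed(RESEED_ENTROPY, ADDITIONAL_INPUT)
    return first, drbg.generate(SEEDLEN)

KNOWN_RESULT, RESEED_RESULT = run(HashDRBG)  # stand-ins for fixed known answers

def power_up_test(cls, check_reseed):
    first, second = run(cls)
    return first == KNOWN_RESULT and (not check_reseed or second == RESEED_RESULT)
```

With `check_reseed=False` the faulty generator still passes, because instantiate and the first generate are unaffected; only comparing the post-reseed output exposes it.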
Comment on attachment 384170 [details] [diff] [review]
Add reseed tests.

ok, thanks.  r=nelson
Attachment #384170 - Flags: review?(nelson) → review+
(Assignee)

Comment 5

10 years ago
Checking in fipstest.c;
/cvsroot/mozilla/security/nss/lib/softoken/fipstest.c,v  <--  fipstest.c
new revision: 1.27; previous revision: 1.26
done
(Assignee)

Comment 6

10 years ago
arg, I forgot to mark it closed...
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED