APPLIED: [SRU][F:linux-bluefield][PATCH 0/1] UBUNTU: SAUCE: pka: Enable DRBG block in TRNG
Tim Gardner
tim.gardner at canonical.com
Fri May 7 18:45:03 UTC 2021
Applied to focal:bluefield/master-next. Thanks.
-rtg
On 5/3/21 10:57 AM, Mahantesh Salimath wrote:
> BugLink: https://bugs.launchpad.net/bugs/1926773
>
> SRU Justification:
>
> [Impact]
> * To be FIPS compliant and to achieve TRNG robustness, DRBG needs to be enabled in TRNG.
>
> [Fix]
> * Enable DRBG "pka: Enable DRBG block in TRNG"
>
> [Test Case]
> * Use OpenSSL to get random bytes from DRBG enabled TRNG.
> # openssl rand -engine pka 512
>
> [Regression Potential]
> * Before enabling DRBG, tests are carried out to verify the functioning of DRBG.
> If any of these tests fail then TRNG will be disabled (this is as per FIPS
> compliance requirements). Hence, TRNG inside PKA HW will be unavailable.
>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list