diff options
author | Pauli <pauli@openssl.org> | 2023-09-05 10:16:49 +1000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-09-27 17:22:54 +0100 |
commit | fffa78c2fd01accd97c9229018d4c380f7a20335 (patch) | |
tree | 2978f3f7b0bbf550f9824ec247cb3e01f723e1ef /util | |
parent | 54e60d2a05f86e947dface08e5c20b831be17bf8 (diff) | |
download | openssl-fffa78c2fd01accd97c9229018d4c380f7a20335.tar.gz |
fips selftest: avoid relying on a real RNG for self tests
Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG. This leaves the DRBG setup
pristine and permits later replacement of the seed source despite
the very early running power up self tests.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
Diffstat (limited to 'util')
-rw-r--r-- | util/perl/OpenSSL/paramnames.pm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/perl/OpenSSL/paramnames.pm b/util/perl/OpenSSL/paramnames.pm index a5126858e7..c37ed7815f 100644 --- a/util/perl/OpenSSL/paramnames.pm +++ b/util/perl/OpenSSL/paramnames.pm @@ -198,6 +198,7 @@ my %params = ( 'RAND_PARAM_MAX_REQUEST' => "max_request", 'RAND_PARAM_TEST_ENTROPY' => "test_entropy", 'RAND_PARAM_TEST_NONCE' => "test_nonce", + 'RAND_PARAM_GENERATE' => "generate", # RAND/DRBG names 'DRBG_PARAM_RESEED_REQUESTS' => "reseed_requests", |