Hi all, I have a chip (FDK RPG100) that generates randomness, but the SP800-90B python test suite indicated that the chip only provides 2.35 bits/byte of entropy. According to FIPS test lab the lowest value from all the tests are used as the entropy and 2 is too low. I must however make use of this chip.
Looking at the paragraph in the User Guide 2.0 where low entropy sources are discussed and have some additional questions: 1. In my DRBG callback for entropy (function get_entropy in the guide), I simply used our chip as the source (the driver reading from the chip, makes it available at /dev/hwrng). Now that I've come to learn that the chip's entropy is too low, how do I ensure that this callback exists with a buffer of acceptable entropy? 2. Should I just return a 4 times larger buffer? Wat if that is larger than the "max_len"? 3. Can the DRBG repeatedly call the callback until the entropy is high enough? Your advice is appreciated Regards LJB
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
