This is only conjecture, but it is an educated conjecture.  I've done several 
implementations of  FIPS-approved RNGs, and once had trouble with the RNG test 
failing.

The algorithm we used was the one in FIPS 186-2 appendix 3. This algorithm 
involves taking an SHA-1 hash, and then treating it as a 160-bit integer and 
adding it (mod 2^160) to some other value.  The problem turned out to be that 
the test vectors were for the opposite endianness as the host.  (Sorry, I have 
done both little- and big-endian implementations, and I can't remember which 
one had the trouble.)  Thus we had to treat the hash output as 5 words, and 
byte reverse each word before considering it as 32 bits of the 160-bit integer.

Obviously, swapping bytes of a hash output is a waste of cycles, and does 
nothing for security.  But if you have to do it to pass, you have to do it.

  -- David Jacobson


--- On Thu, 2/12/09, RussMitch <[email protected]> wrote:
From: RussMitch <[email protected]>
Subject: Re: FIPS_selftest_rng fails on Solaris10 x86
To: [email protected]
Date: Thursday, February 12, 2009, 11:49 AM

No, the test/fips_test_suite does not run correctly, here's the results:

        FIPS-mode test application

1. Non-Approved cryptographic operation test...
        a. Included algorithm (D-H)...successful
ERROR:2d072065:lib=45,func=114,reason=101:file=fips_rand_selftest.c:line=364:
2. Automatic power-up self test...FAILED!

/Russ


Dr. Stephen Henson wrote:
> 
> On Thu, Feb 12, 2009, RussMitch wrote:
> 
>> 
>> Hello,
>> 
>> I've built openssl-0.9.8j on Solaris10 Update 5 as follows:
>> 
>> ./config fipscanisterbuild
>> make clean
>> make
>> 
> 
> That's against the security policy.
> 
>> Next, I've created a simple program that calls FIPS_mode_set(1)
and links
>> to
>> the libraries in /usr/local/ssl/fips/lib.
>> 
>> The first two tests, FIPS_signature_witness() and
>> FIPS_check_incore_fingerprint() PASS.
>> 
>> The third test, FIPS_selftest_rng FAILS.
>> 
>> I've also tried the exact same procedure on a Fedora Core5 linux
based
>> machine, and all of the tests PASS.
>> 
>> Anyone have an idea of what may be wrong?
>> 
> 
> Does test/fips_test_suite run correctly?
> 
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [email protected]
> Automated List Manager                           [email protected]
> 
> 

-- 
View this message in context:
http://www.nabble.com/FIPS_selftest_rng-fails-on-Solaris10-x86-tp21980325p21983578.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to