Public bug reported:
For TRNG(True Random Number Generator) to be FIPS (Federal Information
Processing Standards) compliant, DRBG (Deterministic Random Bit
Generator) block needs to be enabled.
SRU Justification:
[Impact]
* To be FIPS compliant, DRBG needs to be enabled in TRNG.
[Fix]
* Enable DRBG "pka: Enable DRBG block in TRNG"
[Test Case]
* Use OpenSSL to get random bytes from DRBG enabled TRNG.
# openssl rand -engine pka 512
[Regression Potential]
* Before enabling DRBG, tests are carried out to verify the functioning of
DRBG.
If any of these tests fail then TRNG will be disabled.
Hence, TRNG inside PKA HW will be unavailable.
** Affects: linux-bluefield (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
For TRNG(True Random Number Generator) to be FIPS (Federal Information
Processing Standards) compliant, DRBG (Deterministic Random Bit
Generator) block needs to be enabled.
SRU Justification:
[Impact]
* To be FIPS compliant, DRBG needs to be enabled in TRNG.
[Fix]
* Enable DRBG "pka: Enable DRBG block in TRNG"
[Test Case]
* Use OpenSSL to get random bytes from DRBG enabled TRNG.
- # openssl rand -engine pka 512
+ # openssl rand -engine pka 512
[Regression Potential]
- * After enabling DRBG, tests are carried out to verify the functioning of
DRBG. If any of these tests fail then TRNG will be disabled. Hence, TRNG inside
PKA HW will be unavailable.
+ * Before enabling DRBG, tests are carried out to verify the functioning of
DRBG. If any of these tests fail then TRNG will be disabled. Hence, TRNG inside
PKA HW will be unavailable.
** Description changed:
For TRNG(True Random Number Generator) to be FIPS (Federal Information
Processing Standards) compliant, DRBG (Deterministic Random Bit
Generator) block needs to be enabled.
SRU Justification:
[Impact]
* To be FIPS compliant, DRBG needs to be enabled in TRNG.
[Fix]
* Enable DRBG "pka: Enable DRBG block in TRNG"
[Test Case]
* Use OpenSSL to get random bytes from DRBG enabled TRNG.
# openssl rand -engine pka 512
[Regression Potential]
- * Before enabling DRBG, tests are carried out to verify the functioning of
DRBG. If any of these tests fail then TRNG will be disabled. Hence, TRNG inside
PKA HW will be unavailable.
+ * Before enabling DRBG, tests are carried out to verify the functioning of
DRBG.
+ If any of these tests fail then TRNG will be disabled.
+ Hence, TRNG inside PKA HW will be unavailable.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926773
Title:
Enabled DRBG block in TRNG
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/1926773/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
