[openssl-dev] Plea for a new public OpenSSL RNG API

Dr. Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Wed Aug 30 15:46:38 UTC 2017


> -----Original Message-----
> From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] On Behalf Of Blumenthal, Uri - 0553 - MITLL
> Sent: Wednesday, 30 August 2017 17:23
> To: openssl-dev at openssl.org
> Subject: Re: [openssl-dev] Plea for a new public OpenSSL RNG API
>
> ...
> >  The only tricky part was to deal with temporary failures of the entropy source.
> 
> Did you experience that often? How did you deal with it?
> 

1) If the SmartCard is missing when our VPN service starts at boot time, the initial instantiation of the DRBG fails. This error is ignored, the DRBG remains uninstantiated.
2) If the SmartCard is pulled after the VPN connection is established and a rekey occurs, the DRBG fails, because it pulls entropy on every generate request and the entropy source fails. The NIST standard demands that this is a fatal error and the DRBG has to be uninstantiated. So we uninstantiate and our custom drbg_bytes() returns an error, which leads to a VPN disconnect.

In order to account for 1) and 2), in our custom drbg_bytes() implementation

3) we do a just-in-time (re-)instantiation of the DRBG before calling RAND_DRBG_generate().


Note that everything said above applies to the legacy setup of libcrypto 1.0.2x with FIPS DRBG.  In the future, we would use RAND_DRBG_generate() directly.


Regards, Matthias
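The failure handling described in points 1) to 3) above, as an added example that is not code from the post, from NCP's VPN service or from OpenSSL: the SmartCard is replaced by a toggleable stand-in (card_set_present() is an assumed helper, and the bytes it hands out are a constructed pattern, not entropy), and the FIPS DRBG by a toy xorshift state machine that only models the instantiate / generate / uninstantiate behaviour the post relies on (entropy pulled on every generate, source failure treated as fatal). drbg_bytes() is the just-in-time (re-)instantiating wrapper; run_scenario() walks through boot without the card, insertion, pulling the card during a rekey, and re-insertion.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Stand-in for the SmartCard entropy source (assumed helper, not OpenSSL).
 * The caller toggles 'card_present' to simulate the card being missing at
 * boot or pulled mid-session. Output is a constructed pattern, NOT entropy. */
static int card_present = 0;
static uint64_t card_calls = 0;

void card_set_present(int present) { card_present = present; }

static int card_get_entropy(unsigned char *out, size_t len)
{
    if (!card_present)
        return 0;                                /* temporary source failure */
    card_calls++;
    for (size_t i = 0; i < len; i++)
        out[i] = (unsigned char)(0xA5u ^ (i * 7) ^ card_calls);
    return 1;
}

enum { DRBG_UNINSTANTIATED = 0, DRBG_READY = 1 };

/* Toy DRBG: a plain xorshift, not a NIST SP 800-90A DRBG. Only the
 * instantiate / generate / uninstantiate state machine matters here. */
typedef struct {
    int state;
    uint64_t v;
    unsigned reinstantiations;  /* times drbg_bytes() had to (re-)instantiate */
} toy_drbg;

static void toy_drbg_uninstantiate(toy_drbg *d)
{
    d->v = 0;                                    /* zeroise the secret state */
    d->state = DRBG_UNINSTANTIATED;
}

static int toy_drbg_instantiate(toy_drbg *d)
{
    unsigned char seed[8];
    if (!card_get_entropy(seed, sizeof seed)) {  /* case 1: card missing at boot */
        toy_drbg_uninstantiate(d);
        return 0;
    }
    memcpy(&d->v, seed, sizeof d->v);
    d->v |= 1;                                   /* xorshift must not start at 0 */
    d->state = DRBG_READY;
    return 1;
}

/* Entropy is pulled on every generate. A failing source is fatal: the DRBG
 * is uninstantiated and the caller gets an error, as the post describes. */
static int toy_drbg_generate(toy_drbg *d, unsigned char *out, size_t len)
{
    unsigned char fresh[8];
    uint64_t add;
    if (d->state != DRBG_READY)
        return 0;
    if (!card_get_entropy(fresh, sizeof fresh)) { /* case 2: card pulled at rekey */
        toy_drbg_uninstantiate(d);
        return 0;
    }
    memcpy(&add, fresh, sizeof add);
    d->v += add;
    if (d->v == 0)
        d->v = 0x9E3779B97F4A7C15ULL;
    for (size_t i = 0; i < len; i++) {
        d->v ^= d->v << 13; d->v ^= d->v >> 7; d->v ^= d->v << 17;
        out[i] = (unsigned char)(d->v >> 24);
    }
    return 1;
}

/* Case 3: (re-)instantiate just in time, so a DRBG that was never
 * instantiated, or was torn down by a fatal error, recovers as soon as the
 * entropy source is back. If it is still missing, the caller sees an error. */
int drbg_bytes(toy_drbg *d, unsigned char *out, size_t len)
{
    if (d->state != DRBG_READY) {
        if (!toy_drbg_instantiate(d))
            return 0;
        d->reinstantiations++;
    }
    return toy_drbg_generate(d, out, len);
}

/* Boot without the card, insert it, pull it during a rekey, re-insert it.
 * Returns a bitmask of outcomes; 15 means every step behaved as described. */
int run_scenario(void)
{
    toy_drbg d = { DRBG_UNINSTANTIATED, 0, 0 };
    unsigned char key[32];
    int ok = 0;

    card_set_present(0);
    if (!drbg_bytes(&d, key, sizeof key) && d.state == DRBG_UNINSTANTIATED)
        ok |= 1;   /* 1) no card at boot: error, DRBG stays uninstantiated */
    card_set_present(1);
    if (drbg_bytes(&d, key, sizeof key))
        ok |= 2;   /* 3) JIT instantiation: connection can come up */
    card_set_present(0);
    if (!drbg_bytes(&d, key, sizeof key) && d.state == DRBG_UNINSTANTIATED)
        ok |= 4;   /* 2) card pulled at rekey: fatal, uninstantiated, disconnect */
    card_set_present(1);
    if (drbg_bytes(&d, key, sizeof key) && d.reinstantiations == 2)
        ok |= 8;   /* 3) JIT re-instantiation once the card is back */

    toy_drbg_uninstantiate(&d);
    return ok;
}

int main(void)
{
    int r = run_scenario();
    printf("scenario result: %d (15 = all steps as described)\n", r);
    return r == 15 ? 0 : 1;
}
```

The design point is where the retry lives: the DRBG itself never silently papers over a source failure (it tears down, as NIST requires), and recovery happens only in the wrapper, at the moment the caller asks for bytes again. That keeps a half-seeded DRBG from ever producing output while still letting the service come up once the card is inserted.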
 