Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

crypto: ansi_cprng - Remove unused ansi_cprng algorithm

Remove ansi_cprng, since it's obsolete and unused, as confirmed at
https://lore.kernel.org/r/aQxpnckYMgAAOLpZ@gondor.apana.org.au/

This was originally added in 2008, apparently as a FIPS approved random
number generator. Whether this has ever belonged upstream is
questionable. Either way, ansi_cprng is no longer usable for this
purpose, since it's been superseded by the more modern algorithms in
crypto/drbg.c, and FIPS itself no longer allows it. (NIST SP 800-131A
Rev 1 (2015) says that RNGs based on ANSI X9.31 will be disallowed after
2015. NIST SP 800-131A Rev 2 (2019) confirms they are now disallowed.)

Therefore, there is no reason to keep it around.

Suggested-by: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Haotian Zhang <vulab@iscas.ac.cn>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by
Herbert Xu
c7dcb041 79492d5a

+9 -789
+3 -4
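--- a/Documentation/crypto/userspace-if.rst
+++ b/Documentation/crypto/userspace-if.rst
@@ -302,10 +302,9 @@
 
 
 Depending on the RNG type, the RNG must be seeded. The seed is provided
-using the setsockopt interface to set the key. For example, the
-ansi_cprng requires a seed. The DRBGs do not require a seed, but may be
-seeded. The seed is also known as a *Personalization String* in NIST SP 800-90A
-standard.
+using the setsockopt interface to set the key. The SP800-90A DRBGs do
+not require a seed, but may be seeded. The seed is also known as a
+*Personalization String* in NIST SP 800-90A standard.
 
 Using the read()/recvmsg() system calls, random numbers can be obtained.
 The kernel generates at most 128 bytes in one call. If user space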
-1
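--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -6605,7 +6605,6 @@
 M: Neil Horman <nhorman@tuxdriver.com>
 L: linux-crypto@vger.kernel.org
 S: Maintained
-F: crypto/ansi_cprng.c
 F: crypto/rng.c
 
 CS3308 MEDIA DRIVER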
-1
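--- a/arch/arm/configs/axm55xx_defconfig
+++ b/arch/arm/configs/axm55xx_defconfig
@@ -233,4 +233,3 @@
 CONFIG_DEBUG_USER=y
 CONFIG_CRYPTO_GCM=y
 CONFIG_CRYPTO_SHA256=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set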
-1
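--- a/arch/arm/configs/clps711x_defconfig
+++ b/arch/arm/configs/clps711x_defconfig
@@ -75,5 +75,4 @@
 CONFIG_DEBUG_USER=y
 CONFIG_DEBUG_LL=y
 CONFIG_EARLY_PRINTK=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set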
-1
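--- a/arch/arm/configs/dove_defconfig
+++ b/arch/arm/configs/dove_defconfig
@@ -126,7 +126,6 @@
 CONFIG_CRYPTO_SHA512=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_CRYPTO_DEV_MARVELL_CESA=y
 CONFIG_PRINTK_TIME=y
 # CONFIG_DEBUG_BUGVERBOSE is not set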
-1
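--- a/arch/arm/configs/ep93xx_defconfig
+++ b/arch/arm/configs/ep93xx_defconfig
@@ -119,4 +119,3 @@
 CONFIG_DEBUG_MUTEXES=y
 CONFIG_DEBUG_USER=y
 CONFIG_DEBUG_LL=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set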
-1
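--- a/arch/arm/configs/jornada720_defconfig
+++ b/arch/arm/configs/jornada720_defconfig
@@ -92,4 +92,3 @@
 CONFIG_DEBUG_KERNEL=y
 # CONFIG_FTRACE is not set
 CONFIG_DEBUG_LL=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set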
-1
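--- a/arch/arm/configs/keystone_defconfig
+++ b/arch/arm/configs/keystone_defconfig
@@ -228,7 +228,6 @@
 CONFIG_CRYPTO_CBC=y
 CONFIG_CRYPTO_CTR=y
 CONFIG_CRYPTO_XCBC=y
-CONFIG_CRYPTO_ANSI_CPRNG=y
 CONFIG_CRYPTO_USER_API_HASH=y
 CONFIG_CRYPTO_USER_API_SKCIPHER=y
 CONFIG_DMA_CMA=y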
-1
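--- a/arch/arm/configs/lpc32xx_defconfig
+++ b/arch/arm/configs/lpc32xx_defconfig
@@ -177,7 +177,6 @@
 CONFIG_NLS_ASCII=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_NLS_UTF8=y
-CONFIG_CRYPTO_ANSI_CPRNG=y
 # CONFIG_CRYPTO_HW is not set
 CONFIG_PRINTK_TIME=y
 CONFIG_DYNAMIC_DEBUG=y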
-1
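--- a/arch/arm/configs/mmp2_defconfig
+++ b/arch/arm/configs/mmp2_defconfig
@@ -78,4 +78,3 @@
 CONFIG_DEBUG_LL=y
 CONFIG_DEBUG_MMP_UART3=y
 CONFIG_EARLY_PRINTK=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set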
-1
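--- a/arch/arm/configs/mv78xx0_defconfig
+++ b/arch/arm/configs/mv78xx0_defconfig
@@ -121,4 +121,3 @@
 CONFIG_SCHEDSTATS=y
 CONFIG_DEBUG_USER=y
 CONFIG_DEBUG_LL=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set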
-1
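--- a/arch/arm/configs/omap1_defconfig
+++ b/arch/arm/configs/omap1_defconfig
@@ -220,7 +220,6 @@
 CONFIG_CRYPTO_PCBC=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_FONTS=y
 CONFIG_FONT_8x8=y
 CONFIG_FONT_8x16=y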
-1
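--- a/arch/arm/configs/orion5x_defconfig
+++ b/arch/arm/configs/orion5x_defconfig
@@ -145,4 +145,3 @@
 # CONFIG_FTRACE is not set
 CONFIG_DEBUG_USER=y
 CONFIG_DEBUG_LL=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set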
-1
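--- a/arch/arm/configs/pxa168_defconfig
+++ b/arch/arm/configs/pxa168_defconfig
@@ -48,4 +48,3 @@
 # CONFIG_DEBUG_PREEMPT is not set
 CONFIG_DEBUG_USER=y
 CONFIG_DEBUG_LL=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set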
-1
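--- a/arch/arm/configs/pxa3xx_defconfig
+++ b/arch/arm/configs/pxa3xx_defconfig
@@ -106,5 +106,4 @@
 CONFIG_DEBUG_SPINLOCK_SLEEP=y
 # CONFIG_FTRACE is not set
 CONFIG_DEBUG_USER=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set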
-1
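--- a/arch/arm/configs/pxa910_defconfig
+++ b/arch/arm/configs/pxa910_defconfig
@@ -59,4 +59,3 @@
 CONFIG_DEBUG_LL=y
 CONFIG_DEBUG_MMP_UART2=y
 CONFIG_EARLY_PRINTK=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set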
-1
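--- a/arch/arm/configs/spitz_defconfig
+++ b/arch/arm/configs/spitz_defconfig
@@ -228,7 +228,6 @@
 CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TEA=m
 CONFIG_CRYPTO_TWOFISH=m
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_MD4=m
 CONFIG_CRYPTO_MICHAEL_MIC=m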
-1
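--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -1783,7 +1783,6 @@
 CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_ECHAINIV=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_ANSI_CPRNG=y
 CONFIG_CRYPTO_USER_API_RNG=m
 CONFIG_CRYPTO_GHASH_ARM64_CE=y
 CONFIG_CRYPTO_SHA3_ARM64=m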
-1
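--- a/arch/hexagon/configs/comet_defconfig
+++ b/arch/hexagon/configs/comet_defconfig
@@ -70,7 +70,6 @@
 # CONFIG_INET_DIAG is not set
 # CONFIG_IPV6 is not set
 CONFIG_CRYPTO_MD5=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set
 CONFIG_FRAME_WARN=0
 CONFIG_MAGIC_SYSRQ=y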
-1
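--- a/arch/m68k/configs/amcore_defconfig
+++ b/arch/m68k/configs/amcore_defconfig
@@ -86,5 +86,4 @@
 # CONFIG_SCHED_DEBUG is not set
 # CONFIG_DEBUG_BUGVERBOSE is not set
 # CONFIG_CRYPTO_ECHAINIV is not set
-CONFIG_CRYPTO_ANSI_CPRNG=y
 # CONFIG_CRYPTO_HW is not set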
-1
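--- a/arch/m68k/configs/amiga_defconfig
+++ b/arch/m68k/configs/amiga_defconfig
@@ -591,7 +591,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m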
-1
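--- a/arch/m68k/configs/apollo_defconfig
+++ b/arch/m68k/configs/apollo_defconfig
@@ -548,7 +548,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m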
-1
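--- a/arch/m68k/configs/atari_defconfig
+++ b/arch/m68k/configs/atari_defconfig
@@ -568,7 +568,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m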
-1
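--- a/arch/m68k/configs/bvme6000_defconfig
+++ b/arch/m68k/configs/bvme6000_defconfig
@@ -540,7 +540,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m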
-1
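--- a/arch/m68k/configs/hp300_defconfig
+++ b/arch/m68k/configs/hp300_defconfig
@@ -550,7 +550,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m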
-1
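--- a/arch/m68k/configs/mac_defconfig
+++ b/arch/m68k/configs/mac_defconfig
@@ -567,7 +567,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m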
-1
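--- a/arch/m68k/configs/multi_defconfig
+++ b/arch/m68k/configs/multi_defconfig
@@ -654,7 +654,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m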
-1
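--- a/arch/m68k/configs/mvme147_defconfig
+++ b/arch/m68k/configs/mvme147_defconfig
@@ -540,7 +540,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m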
-1
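--- a/arch/m68k/configs/mvme16x_defconfig
+++ b/arch/m68k/configs/mvme16x_defconfig
@@ -541,7 +541,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m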
-1
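--- a/arch/m68k/configs/q40_defconfig
+++ b/arch/m68k/configs/q40_defconfig
@@ -557,7 +557,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m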
-1
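--- a/arch/m68k/configs/stmark2_defconfig
+++ b/arch/m68k/configs/stmark2_defconfig
@@ -84,7 +84,6 @@
 CONFIG_CRAMFS=y
 CONFIG_SQUASHFS=y
 CONFIG_ROMFS_FS=y
-CONFIG_CRYPTO_ANSI_CPRNG=y
 # CONFIG_CRYPTO_HW is not set
 CONFIG_PRINTK_TIME=y
 # CONFIG_DEBUG_BUGVERBOSE is not set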
-1
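--- a/arch/m68k/configs/sun3_defconfig
+++ b/arch/m68k/configs/sun3_defconfig
@@ -538,7 +538,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m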
-1
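--- a/arch/m68k/configs/sun3x_defconfig
+++ b/arch/m68k/configs/sun3x_defconfig
@@ -538,7 +538,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 CONFIG_CRYPTO_USER_API_HASH=m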
-1
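--- a/arch/mips/configs/decstation_64_defconfig
+++ b/arch/mips/configs/decstation_64_defconfig
@@ -200,7 +200,6 @@
 CONFIG_CRYPTO_842=m
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 # CONFIG_CRYPTO_HW is not set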
-1
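--- a/arch/mips/configs/decstation_defconfig
+++ b/arch/mips/configs/decstation_defconfig
@@ -195,7 +195,6 @@
 CONFIG_CRYPTO_842=m
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 # CONFIG_CRYPTO_HW is not set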
-1
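--- a/arch/mips/configs/decstation_r4k_defconfig
+++ b/arch/mips/configs/decstation_r4k_defconfig
@@ -195,7 +195,6 @@
 CONFIG_CRYPTO_842=m
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_DRBG_HASH=y
 CONFIG_CRYPTO_DRBG_CTR=y
 # CONFIG_CRYPTO_HW is not set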
-1
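--- a/arch/s390/configs/debug_defconfig
+++ b/arch/s390/configs/debug_defconfig
@@ -800,7 +800,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_USER_API_HASH=m
 CONFIG_CRYPTO_USER_API_SKCIPHER=m
 CONFIG_CRYPTO_USER_API_RNG=m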
-1
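--- a/arch/s390/configs/defconfig
+++ b/arch/s390/configs/defconfig
@@ -784,7 +784,6 @@
 CONFIG_CRYPTO_LZ4=m
 CONFIG_CRYPTO_LZ4HC=m
 CONFIG_CRYPTO_ZSTD=m
-CONFIG_CRYPTO_ANSI_CPRNG=m
 CONFIG_CRYPTO_JITTERENTROPY_OSR=1
 CONFIG_CRYPTO_USER_API_HASH=m
 CONFIG_CRYPTO_USER_API_SKCIPHER=m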
-1
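--- a/arch/sh/configs/ap325rxa_defconfig
+++ b/arch/sh/configs/ap325rxa_defconfig
@@ -98,4 +98,3 @@
 # CONFIG_ENABLE_MUST_CHECK is not set
 CONFIG_CRYPTO=y
 CONFIG_CRYPTO_CBC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set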
-1
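--- a/arch/sh/configs/apsh4a3a_defconfig
+++ b/arch/sh/configs/apsh4a3a_defconfig
@@ -87,5 +87,4 @@
 # CONFIG_DEBUG_BUGVERBOSE is not set
 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
 # CONFIG_FTRACE is not set
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set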
-1
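--- a/arch/sh/configs/apsh4ad0a_defconfig
+++ b/arch/sh/configs/apsh4ad0a_defconfig
@@ -117,4 +117,3 @@
 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
 CONFIG_DEBUG_VM=y
 CONFIG_DWARF_UNWINDER=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set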
-1
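--- a/arch/sh/configs/dreamcast_defconfig
+++ b/arch/sh/configs/dreamcast_defconfig
@@ -66,6 +66,5 @@
 CONFIG_PROC_KCORE=y
 CONFIG_TMPFS=y
 CONFIG_HUGETLBFS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_RTC_CLASS=y
 CONFIG_RTC_DRV_GENERIC=y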
-1
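--- a/arch/sh/configs/ecovec24_defconfig
+++ b/arch/sh/configs/ecovec24_defconfig
@@ -127,4 +127,3 @@
 CONFIG_DEBUG_FS=y
 CONFIG_CRYPTO=y
 CONFIG_CRYPTO_CBC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set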
-1
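--- a/arch/sh/configs/edosk7760_defconfig
+++ b/arch/sh/configs/edosk7760_defconfig
@@ -111,4 +111,3 @@
 CONFIG_CRYPTO=y
 CONFIG_CRYPTO_MD5=y
 CONFIG_CRYPTO_DES=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set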
-1
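--- a/arch/sh/configs/espt_defconfig
+++ b/arch/sh/configs/espt_defconfig
@@ -109,4 +109,3 @@
 CONFIG_NLS_UTF8=y
 # CONFIG_ENABLE_MUST_CHECK is not set
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set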
-1
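--- a/arch/sh/configs/hp6xx_defconfig
+++ b/arch/sh/configs/hp6xx_defconfig
@@ -54,5 +54,4 @@
 CONFIG_CRYPTO_ECB=y
 CONFIG_CRYPTO_PCBC=y
 CONFIG_CRYPTO_MD5=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set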
-1
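--- a/arch/sh/configs/landisk_defconfig
+++ b/arch/sh/configs/landisk_defconfig
@@ -110,4 +110,3 @@
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_CODEPAGE_932=y
 CONFIG_SH_STANDARD_BIOS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set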
-1
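--- a/arch/sh/configs/lboxre2_defconfig
+++ b/arch/sh/configs/lboxre2_defconfig
@@ -57,4 +57,3 @@
 CONFIG_ROMFS_FS=y
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_SH_STANDARD_BIOS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set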
-1
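--- a/arch/sh/configs/migor_defconfig
+++ b/arch/sh/configs/migor_defconfig
@@ -87,5 +87,4 @@
 CONFIG_NFS_FS=y
 CONFIG_ROOT_NFS=y
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set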
-1
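--- a/arch/sh/configs/r7780mp_defconfig
+++ b/arch/sh/configs/r7780mp_defconfig
@@ -104,4 +104,3 @@
 CONFIG_CRYPTO_ECB=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set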
-1
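--- a/arch/sh/configs/r7785rp_defconfig
+++ b/arch/sh/configs/r7785rp_defconfig
@@ -102,4 +102,3 @@
 CONFIG_CRYPTO_ECB=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set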
-1
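--- a/arch/sh/configs/rts7751r2d1_defconfig
+++ b/arch/sh/configs/rts7751r2d1_defconfig
@@ -86,4 +86,3 @@
 CONFIG_MINIX_FS=y
 CONFIG_NLS_CODEPAGE_932=y
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set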
-1
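--- a/arch/sh/configs/rts7751r2dplus_defconfig
+++ b/arch/sh/configs/rts7751r2dplus_defconfig
@@ -91,4 +91,3 @@
 CONFIG_MINIX_FS=y
 CONFIG_NLS_CODEPAGE_932=y
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set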
-1
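--- a/arch/sh/configs/sdk7780_defconfig
+++ b/arch/sh/configs/sdk7780_defconfig
@@ -135,4 +135,3 @@
 CONFIG_SH_STANDARD_BIOS=y
 CONFIG_CRYPTO_MD5=y
 CONFIG_CRYPTO_DES=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set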
-1
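--- a/arch/sh/configs/sdk7786_defconfig
+++ b/arch/sh/configs/sdk7786_defconfig
@@ -212,4 +212,3 @@
 CONFIG_DMA_API_DEBUG=y
 CONFIG_DEBUG_STACK_USAGE=y
 CONFIG_DWARF_UNWINDER=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set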
-1
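--- a/arch/sh/configs/se7206_defconfig
+++ b/arch/sh/configs/se7206_defconfig
@@ -99,5 +99,4 @@
 CONFIG_DEBUG_STACK_USAGE=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set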
-1
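--- a/arch/sh/configs/se7343_defconfig
+++ b/arch/sh/configs/se7343_defconfig
@@ -92,4 +92,3 @@
 CONFIG_NFS_FS=y
 CONFIG_NFS_V3=y
 CONFIG_NFSD=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set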
-1
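--- a/arch/sh/configs/se7705_defconfig
+++ b/arch/sh/configs/se7705_defconfig
@@ -51,4 +51,3 @@
 CONFIG_JFFS2_FS=y
 CONFIG_NFS_FS=y
 CONFIG_ROOT_NFS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set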
-1
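--- a/arch/sh/configs/se7712_defconfig
+++ b/arch/sh/configs/se7712_defconfig
@@ -95,4 +95,3 @@
 CONFIG_FRAME_POINTER=y
 CONFIG_CRYPTO_ECB=m
 CONFIG_CRYPTO_PCBC=m
-# CONFIG_CRYPTO_ANSI_CPRNG is not set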
-1
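--- a/arch/sh/configs/se7721_defconfig
+++ b/arch/sh/configs/se7721_defconfig
@@ -121,4 +121,3 @@
 CONFIG_DEBUG_KERNEL=y
 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
 CONFIG_FRAME_POINTER=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set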
-1
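--- a/arch/sh/configs/se7722_defconfig
+++ b/arch/sh/configs/se7722_defconfig
@@ -54,4 +54,3 @@
 CONFIG_MAGIC_SYSRQ=y
 CONFIG_DEBUG_FS=y
 CONFIG_SH_STANDARD_BIOS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set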
-1
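--- a/arch/sh/configs/se7724_defconfig
+++ b/arch/sh/configs/se7724_defconfig
@@ -127,4 +127,3 @@
 # CONFIG_ENABLE_MUST_CHECK is not set
 CONFIG_CRYPTO=y
 CONFIG_CRYPTO_CBC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set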
-1
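--- a/arch/sh/configs/se7750_defconfig
+++ b/arch/sh/configs/se7750_defconfig
@@ -52,4 +52,3 @@
 CONFIG_PARTITION_ADVANCED=y
 # CONFIG_MSDOS_PARTITION is not set
 # CONFIG_ENABLE_MUST_CHECK is not set
-# CONFIG_CRYPTO_ANSI_CPRNG is not set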
-1
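--- a/arch/sh/configs/se7751_defconfig
+++ b/arch/sh/configs/se7751_defconfig
@@ -42,4 +42,3 @@
 CONFIG_PROC_KCORE=y
 CONFIG_TMPFS=y
 CONFIG_JFFS2_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set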
-1
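--- a/arch/sh/configs/se7780_defconfig
+++ b/arch/sh/configs/se7780_defconfig
@@ -102,4 +102,3 @@
 CONFIG_NFS_V3=y
 CONFIG_ROOT_NFS=y
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set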
-1
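--- a/arch/sh/configs/sh03_defconfig
+++ b/arch/sh/configs/sh03_defconfig
@@ -119,6 +119,5 @@
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_SHA1=y
 CONFIG_CRYPTO_DEFLATE=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_RTC_CLASS=y
 CONFIG_RTC_DRV_GENERIC=y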
-1
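--- a/arch/sh/configs/sh2007_defconfig
+++ b/arch/sh/configs/sh2007_defconfig
@@ -191,5 +191,4 @@
 CONFIG_CRYPTO_TWOFISH=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set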
-1
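--- a/arch/sh/configs/sh7710voipgw_defconfig
+++ b/arch/sh/configs/sh7710voipgw_defconfig
@@ -51,4 +51,3 @@
 # CONFIG_DNOTIFY is not set
 CONFIG_JFFS2_FS=y
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set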
-1
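--- a/arch/sh/configs/sh7757lcr_defconfig
+++ b/arch/sh/configs/sh7757lcr_defconfig
@@ -81,4 +81,3 @@
 # CONFIG_DEBUG_BUGVERBOSE is not set
 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
 # CONFIG_FTRACE is not set
-# CONFIG_CRYPTO_ANSI_CPRNG is not set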
-1
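--- a/arch/sh/configs/sh7763rdp_defconfig
+++ b/arch/sh/configs/sh7763rdp_defconfig
@@ -111,4 +111,3 @@
 CONFIG_NLS_UTF8=y
 # CONFIG_ENABLE_MUST_CHECK is not set
 CONFIG_DEBUG_FS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set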
-1
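--- a/arch/sh/configs/sh7785lcr_32bit_defconfig
+++ b/arch/sh/configs/sh7785lcr_32bit_defconfig
@@ -145,5 +145,4 @@
 CONFIG_LATENCYTOP=y
 # CONFIG_FTRACE is not set
 CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set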
-1
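--- a/arch/sh/configs/sh7785lcr_defconfig
+++ b/arch/sh/configs/sh7785lcr_defconfig
@@ -113,5 +113,4 @@
 CONFIG_DETECT_HUNG_TASK=y
 # CONFIG_DEBUG_BUGVERBOSE is not set
 CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set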
-1
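--- a/arch/sh/configs/shmin_defconfig
+++ b/arch/sh/configs/shmin_defconfig
@@ -49,4 +49,3 @@
 CONFIG_NFS_V3=y
 CONFIG_ROOT_NFS=y
 CONFIG_SH_STANDARD_BIOS=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set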
-1
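--- a/arch/sh/configs/shx3_defconfig
+++ b/arch/sh/configs/shx3_defconfig
@@ -98,4 +98,3 @@
 CONFIG_FRAME_POINTER=y
 CONFIG_SH_STANDARD_BIOS=y
 CONFIG_DEBUG_STACK_USAGE=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set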
-1
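--- a/arch/sh/configs/titan_defconfig
+++ b/arch/sh/configs/titan_defconfig
@@ -262,4 +262,3 @@
 CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TEA=m
 CONFIG_CRYPTO_TWOFISH=m
-# CONFIG_CRYPTO_ANSI_CPRNG is not set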
-1
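--- a/arch/sh/configs/ul2_defconfig
+++ b/arch/sh/configs/ul2_defconfig
@@ -81,4 +81,3 @@
 CONFIG_NLS_ISO8859_1=y
 # CONFIG_ENABLE_MUST_CHECK is not set
 CONFIG_CRYPTO_MICHAEL_MIC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set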
-1
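--- a/arch/sh/configs/urquell_defconfig
+++ b/arch/sh/configs/urquell_defconfig
@@ -143,5 +143,4 @@
 # CONFIG_FTRACE is not set
 # CONFIG_DUMP_CODE is not set
 CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set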
-1
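--- a/arch/sparc/configs/sparc32_defconfig
+++ b/arch/sparc/configs/sparc32_defconfig
@@ -92,5 +92,4 @@
 CONFIG_CRYPTO_CAST6=m
 CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TWOFISH=m
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set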
-1
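--- a/arch/sparc/configs/sparc64_defconfig
+++ b/arch/sparc/configs/sparc64_defconfig
@@ -228,7 +228,6 @@
 CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TEA=m
 CONFIG_CRYPTO_TWOFISH=m
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
 CONFIG_VCC=m
 CONFIG_PATA_CMD64X=y
 CONFIG_IP_PNP=y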
-1
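--- a/arch/xtensa/configs/audio_kc705_defconfig
+++ b/arch/xtensa/configs/audio_kc705_defconfig
@@ -133,4 +133,3 @@
 CONFIG_RCU_TRACE=y
 # CONFIG_FTRACE is not set
 # CONFIG_S32C1I_SELFTEST is not set
-CONFIG_CRYPTO_ANSI_CPRNG=y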
-1
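--- a/arch/xtensa/configs/generic_kc705_defconfig
+++ b/arch/xtensa/configs/generic_kc705_defconfig
@@ -121,4 +121,3 @@
 # CONFIG_FTRACE is not set
 CONFIG_LD_NO_RELAX=y
 # CONFIG_S32C1I_SELFTEST is not set
-CONFIG_CRYPTO_ANSI_CPRNG=y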
-1
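--- a/arch/xtensa/configs/iss_defconfig
+++ b/arch/xtensa/configs/iss_defconfig
@@ -28,4 +28,3 @@
 CONFIG_TMPFS=y
 # CONFIG_FRAME_POINTER is not set
 CONFIG_DETECT_HUNG_TASK=y
-CONFIG_CRYPTO_ANSI_CPRNG=y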
-1
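--- a/arch/xtensa/configs/nommu_kc705_defconfig
+++ b/arch/xtensa/configs/nommu_kc705_defconfig
@@ -122,4 +122,3 @@
 # CONFIG_FTRACE is not set
 # CONFIG_LD_NO_RELAX is not set
 # CONFIG_CRYPTO_ECHAINIV is not set
-CONFIG_CRYPTO_ANSI_CPRNG=y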
-1
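--- a/arch/xtensa/configs/smp_lx200_defconfig
+++ b/arch/xtensa/configs/smp_lx200_defconfig
@@ -125,4 +125,3 @@
 # CONFIG_FTRACE is not set
 CONFIG_LD_NO_RELAX=y
 # CONFIG_S32C1I_SELFTEST is not set
-CONFIG_CRYPTO_ANSI_CPRNG=y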
-1
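--- a/arch/xtensa/configs/virt_defconfig
+++ b/arch/xtensa/configs/virt_defconfig
@@ -92,7 +92,6 @@
 CONFIG_CRYPTO_ECHAINIV=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-CONFIG_CRYPTO_ANSI_CPRNG=y
 CONFIG_CRYPTO_DEV_VIRTIO=y
 CONFIG_FONTS=y
 CONFIG_PRINTK_TIME=y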
-1
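--- a/arch/xtensa/configs/xip_kc705_defconfig
+++ b/arch/xtensa/configs/xip_kc705_defconfig
@@ -98,7 +98,6 @@
 CONFIG_CRYPTO_ECHAINIV=y
 CONFIG_CRYPTO_DEFLATE=y
 CONFIG_CRYPTO_LZO=y
-CONFIG_CRYPTO_ANSI_CPRNG=y
 CONFIG_PRINTK_TIME=y
 CONFIG_DYNAMIC_DEBUG=y
 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y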
+1 -12
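--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -25,7 +25,7 @@
 
 config CRYPTO_FIPS
 bool "FIPS 200 compliance"
-depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && CRYPTO_SELFTESTS
+depends on CRYPTO_DRBG && CRYPTO_SELFTESTS
 depends on (MODULE_SIG || !MODULES)
 help
 This option enables the fips boot option which is
@@ -1168,17 +1168,6 @@
 endmenu
 
 menu "Random number generation"
-
-config CRYPTO_ANSI_CPRNG
-tristate "ANSI PRNG (Pseudo Random Number Generator)"
-select CRYPTO_AES
-select CRYPTO_RNG
-help
-Pseudo RNG (random number generator) (ANSI X9.31 Appendix A.2.4)
-
-This uses the AES cipher algorithm.
-
-Note that this option must be enabled if CRYPTO_FIPS is selected
 
 menuconfig CRYPTO_DRBG_MENU
 tristate "NIST SP800-90A DRBG (Deterministic Random Bit Generator)"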
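Review bot: With the ANSI entry gone, this section no longer carries any in-menu hint about which RNG option CRYPTO_FIPS needs: the removed help text ended with "Note that this option must be enabled if CRYPTO_FIPS is selected", and nothing visible here replaces it. The new `depends on CRYPTO_DRBG && CRYPTO_SELFTESTS` line makes the SP800-90A DRBG the only RNG that satisfies the dependency, so I would say so in the CRYPTO_FIPS help, for example `The NIST SP800-90A DRBG (CRYPTO_DRBG) must be enabled for this option to be selectable.` The help text of CRYPTO_FIPS and of CRYPTO_DRBG_MENU continues outside the hunks shown, so this may already be covered there.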
-1
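--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -163,7 +163,6 @@
 obj-$(CONFIG_CRYPTO_XXHASH) += xxhash_generic.o
 obj-$(CONFIG_CRYPTO_842) += 842.o
 obj-$(CONFIG_CRYPTO_RNG2) += rng.o
-obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
 obj-$(CONFIG_CRYPTO_DRBG) += drbg.o
 obj-$(CONFIG_CRYPTO_JITTERENTROPY) += jitterentropy_rng.o
 CFLAGS_jitterentropy.o = -O0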
-474
crypto/ansi_cprng.c
··· 1 - // SPDX-License-Identifier: GPL-2.0-or-later 2 - /* 3 - * PRNG: Pseudo Random Number Generator 4 - * Based on NIST Recommended PRNG From ANSI X9.31 Appendix A.2.4 using 5 - * AES 128 cipher 6 - * 7 - * (C) Neil Horman <nhorman@tuxdriver.com> 8 - */ 9 - 10 - #include <crypto/internal/cipher.h> 11 - #include <crypto/internal/rng.h> 12 - #include <linux/err.h> 13 - #include <linux/init.h> 14 - #include <linux/module.h> 15 - #include <linux/moduleparam.h> 16 - #include <linux/string.h> 17 - 18 - #define DEFAULT_PRNG_KEY "0123456789abcdef" 19 - #define DEFAULT_PRNG_KSZ 16 20 - #define DEFAULT_BLK_SZ 16 21 - #define DEFAULT_V_SEED "zaybxcwdveuftgsh" 22 - 23 - /* 24 - * Flags for the prng_context flags field 25 - */ 26 - 27 - #define PRNG_FIXED_SIZE 0x1 28 - #define PRNG_NEED_RESET 0x2 29 - 30 - /* 31 - * Note: DT is our counter value 32 - * I is our intermediate value 33 - * V is our seed vector 34 - * See http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf 35 - * for implementation details 36 - */ 37 - 38 - 39 - struct prng_context { 40 - spinlock_t prng_lock; 41 - unsigned char rand_data[DEFAULT_BLK_SZ]; 42 - unsigned char last_rand_data[DEFAULT_BLK_SZ]; 43 - unsigned char DT[DEFAULT_BLK_SZ]; 44 - unsigned char I[DEFAULT_BLK_SZ]; 45 - unsigned char V[DEFAULT_BLK_SZ]; 46 - u32 rand_data_valid; 47 - struct crypto_cipher *tfm; 48 - u32 flags; 49 - }; 50 - 51 - static int dbg; 52 - 53 - static void hexdump(char *note, unsigned char *buf, unsigned int len) 54 - { 55 - if (dbg) { 56 - printk(KERN_CRIT "%s", note); 57 - print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, 58 - 16, 1, 59 - buf, len, false); 60 - } 61 - } 62 - 63 - #define dbgprint(format, args...) 
do {\ 64 - if (dbg)\ 65 - printk(format, ##args);\ 66 - } while (0) 67 - 68 - static void xor_vectors(unsigned char *in1, unsigned char *in2, 69 - unsigned char *out, unsigned int size) 70 - { 71 - int i; 72 - 73 - for (i = 0; i < size; i++) 74 - out[i] = in1[i] ^ in2[i]; 75 - 76 - } 77 - /* 78 - * Returns DEFAULT_BLK_SZ bytes of random data per call 79 - * returns 0 if generation succeeded, <0 if something went wrong 80 - */ 81 - static int _get_more_prng_bytes(struct prng_context *ctx, int cont_test) 82 - { 83 - int i; 84 - unsigned char tmp[DEFAULT_BLK_SZ]; 85 - unsigned char *output = NULL; 86 - 87 - 88 - dbgprint(KERN_CRIT "Calling _get_more_prng_bytes for context %p\n", 89 - ctx); 90 - 91 - hexdump("Input DT: ", ctx->DT, DEFAULT_BLK_SZ); 92 - hexdump("Input I: ", ctx->I, DEFAULT_BLK_SZ); 93 - hexdump("Input V: ", ctx->V, DEFAULT_BLK_SZ); 94 - 95 - /* 96 - * This algorithm is a 3 stage state machine 97 - */ 98 - for (i = 0; i < 3; i++) { 99 - 100 - switch (i) { 101 - case 0: 102 - /* 103 - * Start by encrypting the counter value 104 - * This gives us an intermediate value I 105 - */ 106 - memcpy(tmp, ctx->DT, DEFAULT_BLK_SZ); 107 - output = ctx->I; 108 - hexdump("tmp stage 0: ", tmp, DEFAULT_BLK_SZ); 109 - break; 110 - case 1: 111 - 112 - /* 113 - * Next xor I with our secret vector V 114 - * encrypt that result to obtain our 115 - * pseudo random data which we output 116 - */ 117 - xor_vectors(ctx->I, ctx->V, tmp, DEFAULT_BLK_SZ); 118 - hexdump("tmp stage 1: ", tmp, DEFAULT_BLK_SZ); 119 - output = ctx->rand_data; 120 - break; 121 - case 2: 122 - /* 123 - * First check that we didn't produce the same 124 - * random data that we did last time around through this 125 - */ 126 - if (!memcmp(ctx->rand_data, ctx->last_rand_data, 127 - DEFAULT_BLK_SZ)) { 128 - if (cont_test) { 129 - panic("cprng %p Failed repetition check!\n", 130 - ctx); 131 - } 132 - 133 - printk(KERN_ERR 134 - "ctx %p Failed repetition check!\n", 135 - ctx); 136 - 137 - ctx->flags |= 
PRNG_NEED_RESET; 138 - return -EINVAL; 139 - } 140 - memcpy(ctx->last_rand_data, ctx->rand_data, 141 - DEFAULT_BLK_SZ); 142 - 143 - /* 144 - * Lastly xor the random data with I 145 - * and encrypt that to obtain a new secret vector V 146 - */ 147 - xor_vectors(ctx->rand_data, ctx->I, tmp, 148 - DEFAULT_BLK_SZ); 149 - output = ctx->V; 150 - hexdump("tmp stage 2: ", tmp, DEFAULT_BLK_SZ); 151 - break; 152 - } 153 - 154 - 155 - /* do the encryption */ 156 - crypto_cipher_encrypt_one(ctx->tfm, output, tmp); 157 - 158 - } 159 - 160 - /* 161 - * Now update our DT value 162 - */ 163 - for (i = DEFAULT_BLK_SZ - 1; i >= 0; i--) { 164 - ctx->DT[i] += 1; 165 - if (ctx->DT[i] != 0) 166 - break; 167 - } 168 - 169 - dbgprint("Returning new block for context %p\n", ctx); 170 - ctx->rand_data_valid = 0; 171 - 172 - hexdump("Output DT: ", ctx->DT, DEFAULT_BLK_SZ); 173 - hexdump("Output I: ", ctx->I, DEFAULT_BLK_SZ); 174 - hexdump("Output V: ", ctx->V, DEFAULT_BLK_SZ); 175 - hexdump("New Random Data: ", ctx->rand_data, DEFAULT_BLK_SZ); 176 - 177 - return 0; 178 - } 179 - 180 - /* Our exported functions */ 181 - static int get_prng_bytes(char *buf, size_t nbytes, struct prng_context *ctx, 182 - int do_cont_test) 183 - { 184 - unsigned char *ptr = buf; 185 - unsigned int byte_count = (unsigned int)nbytes; 186 - int err; 187 - 188 - 189 - spin_lock_bh(&ctx->prng_lock); 190 - 191 - err = -EINVAL; 192 - if (ctx->flags & PRNG_NEED_RESET) 193 - goto done; 194 - 195 - /* 196 - * If the FIXED_SIZE flag is on, only return whole blocks of 197 - * pseudo random data 198 - */ 199 - err = -EINVAL; 200 - if (ctx->flags & PRNG_FIXED_SIZE) { 201 - if (nbytes < DEFAULT_BLK_SZ) 202 - goto done; 203 - byte_count = DEFAULT_BLK_SZ; 204 - } 205 - 206 - /* 207 - * Return 0 in case of success as mandated by the kernel 208 - * crypto API interface definition. 
209 - */ 210 - err = 0; 211 - 212 - dbgprint(KERN_CRIT "getting %d random bytes for context %p\n", 213 - byte_count, ctx); 214 - 215 - 216 - remainder: 217 - if (ctx->rand_data_valid == DEFAULT_BLK_SZ) { 218 - if (_get_more_prng_bytes(ctx, do_cont_test) < 0) { 219 - memset(buf, 0, nbytes); 220 - err = -EINVAL; 221 - goto done; 222 - } 223 - } 224 - 225 - /* 226 - * Copy any data less than an entire block 227 - */ 228 - if (byte_count < DEFAULT_BLK_SZ) { 229 - empty_rbuf: 230 - while (ctx->rand_data_valid < DEFAULT_BLK_SZ) { 231 - *ptr = ctx->rand_data[ctx->rand_data_valid]; 232 - ptr++; 233 - byte_count--; 234 - ctx->rand_data_valid++; 235 - if (byte_count == 0) 236 - goto done; 237 - } 238 - } 239 - 240 - /* 241 - * Now copy whole blocks 242 - */ 243 - for (; byte_count >= DEFAULT_BLK_SZ; byte_count -= DEFAULT_BLK_SZ) { 244 - if (ctx->rand_data_valid == DEFAULT_BLK_SZ) { 245 - if (_get_more_prng_bytes(ctx, do_cont_test) < 0) { 246 - memset(buf, 0, nbytes); 247 - err = -EINVAL; 248 - goto done; 249 - } 250 - } 251 - if (ctx->rand_data_valid > 0) 252 - goto empty_rbuf; 253 - memcpy(ptr, ctx->rand_data, DEFAULT_BLK_SZ); 254 - ctx->rand_data_valid += DEFAULT_BLK_SZ; 255 - ptr += DEFAULT_BLK_SZ; 256 - } 257 - 258 - /* 259 - * Now go back and get any remaining partial block 260 - */ 261 - if (byte_count) 262 - goto remainder; 263 - 264 - done: 265 - spin_unlock_bh(&ctx->prng_lock); 266 - dbgprint(KERN_CRIT "returning %d from get_prng_bytes in context %p\n", 267 - err, ctx); 268 - return err; 269 - } 270 - 271 - static void free_prng_context(struct prng_context *ctx) 272 - { 273 - crypto_free_cipher(ctx->tfm); 274 - } 275 - 276 - static int reset_prng_context(struct prng_context *ctx, 277 - const unsigned char *key, size_t klen, 278 - const unsigned char *V, const unsigned char *DT) 279 - { 280 - int ret; 281 - const unsigned char *prng_key; 282 - 283 - spin_lock_bh(&ctx->prng_lock); 284 - ctx->flags |= PRNG_NEED_RESET; 285 - 286 - prng_key = (key != NULL) ? 
key : (unsigned char *)DEFAULT_PRNG_KEY; 287 - 288 - if (!key) 289 - klen = DEFAULT_PRNG_KSZ; 290 - 291 - if (V) 292 - memcpy(ctx->V, V, DEFAULT_BLK_SZ); 293 - else 294 - memcpy(ctx->V, DEFAULT_V_SEED, DEFAULT_BLK_SZ); 295 - 296 - if (DT) 297 - memcpy(ctx->DT, DT, DEFAULT_BLK_SZ); 298 - else 299 - memset(ctx->DT, 0, DEFAULT_BLK_SZ); 300 - 301 - memset(ctx->rand_data, 0, DEFAULT_BLK_SZ); 302 - memset(ctx->last_rand_data, 0, DEFAULT_BLK_SZ); 303 - 304 - ctx->rand_data_valid = DEFAULT_BLK_SZ; 305 - 306 - ret = crypto_cipher_setkey(ctx->tfm, prng_key, klen); 307 - if (ret) { 308 - dbgprint(KERN_CRIT "PRNG: setkey() failed flags=%x\n", 309 - crypto_cipher_get_flags(ctx->tfm)); 310 - goto out; 311 - } 312 - 313 - ret = 0; 314 - ctx->flags &= ~PRNG_NEED_RESET; 315 - out: 316 - spin_unlock_bh(&ctx->prng_lock); 317 - return ret; 318 - } 319 - 320 - static int cprng_init(struct crypto_tfm *tfm) 321 - { 322 - struct prng_context *ctx = crypto_tfm_ctx(tfm); 323 - 324 - spin_lock_init(&ctx->prng_lock); 325 - ctx->tfm = crypto_alloc_cipher("aes", 0, 0); 326 - if (IS_ERR(ctx->tfm)) { 327 - dbgprint(KERN_CRIT "Failed to alloc tfm for context %p\n", 328 - ctx); 329 - return PTR_ERR(ctx->tfm); 330 - } 331 - 332 - if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0) 333 - return -EINVAL; 334 - 335 - /* 336 - * after allocation, we should always force the user to reset 337 - * so they don't inadvertently use the insecure default values 338 - * without specifying them intentially 339 - */ 340 - ctx->flags |= PRNG_NEED_RESET; 341 - return 0; 342 - } 343 - 344 - static void cprng_exit(struct crypto_tfm *tfm) 345 - { 346 - free_prng_context(crypto_tfm_ctx(tfm)); 347 - } 348 - 349 - static int cprng_get_random(struct crypto_rng *tfm, 350 - const u8 *src, unsigned int slen, 351 - u8 *rdata, unsigned int dlen) 352 - { 353 - struct prng_context *prng = crypto_rng_ctx(tfm); 354 - 355 - return get_prng_bytes(rdata, dlen, prng, 0); 356 - } 357 - 358 - /* 359 - * This is the 
cprng_registered reset method the seed value is 360 - * interpreted as the tuple { V KEY DT} 361 - * V and KEY are required during reset, and DT is optional, detected 362 - * as being present by testing the length of the seed 363 - */ 364 - static int cprng_reset(struct crypto_rng *tfm, 365 - const u8 *seed, unsigned int slen) 366 - { 367 - struct prng_context *prng = crypto_rng_ctx(tfm); 368 - const u8 *key = seed + DEFAULT_BLK_SZ; 369 - const u8 *dt = NULL; 370 - 371 - if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) 372 - return -EINVAL; 373 - 374 - if (slen >= (2 * DEFAULT_BLK_SZ + DEFAULT_PRNG_KSZ)) 375 - dt = key + DEFAULT_PRNG_KSZ; 376 - 377 - reset_prng_context(prng, key, DEFAULT_PRNG_KSZ, seed, dt); 378 - 379 - if (prng->flags & PRNG_NEED_RESET) 380 - return -EINVAL; 381 - return 0; 382 - } 383 - 384 - #ifdef CONFIG_CRYPTO_FIPS 385 - static int fips_cprng_get_random(struct crypto_rng *tfm, 386 - const u8 *src, unsigned int slen, 387 - u8 *rdata, unsigned int dlen) 388 - { 389 - struct prng_context *prng = crypto_rng_ctx(tfm); 390 - 391 - return get_prng_bytes(rdata, dlen, prng, 1); 392 - } 393 - 394 - static int fips_cprng_reset(struct crypto_rng *tfm, 395 - const u8 *seed, unsigned int slen) 396 - { 397 - u8 rdata[DEFAULT_BLK_SZ]; 398 - const u8 *key = seed + DEFAULT_BLK_SZ; 399 - int rc; 400 - 401 - struct prng_context *prng = crypto_rng_ctx(tfm); 402 - 403 - if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) 404 - return -EINVAL; 405 - 406 - /* fips strictly requires seed != key */ 407 - if (!memcmp(seed, key, DEFAULT_PRNG_KSZ)) 408 - return -EINVAL; 409 - 410 - rc = cprng_reset(tfm, seed, slen); 411 - 412 - if (!rc) 413 - goto out; 414 - 415 - /* this primes our continuity test */ 416 - rc = get_prng_bytes(rdata, DEFAULT_BLK_SZ, prng, 0); 417 - prng->rand_data_valid = DEFAULT_BLK_SZ; 418 - 419 - out: 420 - return rc; 421 - } 422 - #endif 423 - 424 - static struct rng_alg rng_algs[] = { { 425 - .generate = cprng_get_random, 426 - .seed = cprng_reset, 427 - 
.seedsize = DEFAULT_PRNG_KSZ + 2 * DEFAULT_BLK_SZ, 428 - .base = { 429 - .cra_name = "stdrng", 430 - .cra_driver_name = "ansi_cprng", 431 - .cra_priority = 100, 432 - .cra_ctxsize = sizeof(struct prng_context), 433 - .cra_module = THIS_MODULE, 434 - .cra_init = cprng_init, 435 - .cra_exit = cprng_exit, 436 - } 437 - #ifdef CONFIG_CRYPTO_FIPS 438 - }, { 439 - .generate = fips_cprng_get_random, 440 - .seed = fips_cprng_reset, 441 - .seedsize = DEFAULT_PRNG_KSZ + 2 * DEFAULT_BLK_SZ, 442 - .base = { 443 - .cra_name = "fips(ansi_cprng)", 444 - .cra_driver_name = "fips_ansi_cprng", 445 - .cra_priority = 300, 446 - .cra_ctxsize = sizeof(struct prng_context), 447 - .cra_module = THIS_MODULE, 448 - .cra_init = cprng_init, 449 - .cra_exit = cprng_exit, 450 - } 451 - #endif 452 - } }; 453 - 454 - /* Module initalization */ 455 - static int __init prng_mod_init(void) 456 - { 457 - return crypto_register_rngs(rng_algs, ARRAY_SIZE(rng_algs)); 458 - } 459 - 460 - static void __exit prng_mod_fini(void) 461 - { 462 - crypto_unregister_rngs(rng_algs, ARRAY_SIZE(rng_algs)); 463 - } 464 - 465 - MODULE_LICENSE("GPL"); 466 - MODULE_DESCRIPTION("Software Pseudo Random Number Generator"); 467 - MODULE_AUTHOR("Neil Horman <nhorman@tuxdriver.com>"); 468 - module_param(dbg, int, 0); 469 - MODULE_PARM_DESC(dbg, "Boolean to enable debugging (0/1 == off/on)"); 470 - module_init(prng_mod_init); 471 - module_exit(prng_mod_fini); 472 - MODULE_ALIAS_CRYPTO("stdrng"); 473 - MODULE_ALIAS_CRYPTO("ansi_cprng"); 474 - MODULE_IMPORT_NS("CRYPTO_INTERNAL");
-4
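--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -1758,10 +1758,6 @@
 ret = min(ret, tcrypt_test("hmac(streebog512)"));
 break;
 
-case 150:
-ret = min(ret, tcrypt_test("ansi_cprng"));
-break;
-
 case 151:
 ret = min(ret, tcrypt_test("rfc4106(gcm(aes))"));
 break;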
-97
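--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -117,11 +117,6 @@
 unsigned int count;
 };
 
-struct cprng_test_suite {
-const struct cprng_testvec *vecs;
-unsigned int count;
-};
-
 struct drbg_test_suite {
 const struct drbg_testvec *vecs;
 unsigned int count;
@@ -149,7 +154,6 @@
 struct cipher_test_suite cipher;
 struct comp_test_suite comp;
 struct hash_test_suite hash;
-struct cprng_test_suite cprng;
 struct drbg_test_suite drbg;
 struct akcipher_test_suite akcipher;
 struct sig_test_suite sig;
@@ -3436,68 +3442,6 @@
 return ret;
 }
 
-static int test_cprng(struct crypto_rng *tfm,
-const struct cprng_testvec *template,
-unsigned int tcount)
-{
-const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
-int err = 0, i, j, seedsize;
-u8 *seed;
-char result[32];
-
-seedsize = crypto_rng_seedsize(tfm);
-
-seed = kmalloc(seedsize, GFP_KERNEL);
-if (!seed) {
-printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
-"for %s\n", algo);
-return -ENOMEM;
-}
-
-for (i = 0; i < tcount; i++) {
-memset(result, 0, 32);
-
-memcpy(seed, template[i].v, template[i].vlen);
-memcpy(seed + template[i].vlen, template[i].key,
-template[i].klen);
-memcpy(seed + template[i].vlen + template[i].klen,
-template[i].dt, template[i].dtlen);
-
-err = crypto_rng_reset(tfm, seed, seedsize);
-if (err) {
-printk(KERN_ERR "alg: cprng: Failed to reset rng "
-"for %s\n", algo);
-goto out;
-}
-
-for (j = 0; j < template[i].loops; j++) {
-err = crypto_rng_get_bytes(tfm, result,
-template[i].rlen);
-if (err < 0) {
-printk(KERN_ERR "alg: cprng: Failed to obtain "
-"the correct amount of random data for "
-"%s (requested %d)\n", algo,
-template[i].rlen);
-goto out;
-}
-}
-
-err = memcmp(result, template[i].result,
-template[i].rlen);
-if (err) {
-printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
-i, algo);
-hexdump(result, template[i].rlen);
-err = -EINVAL;
-goto out;
-}
-}
-
-out:
-kfree(seed);
-return err;
-}
-
 static int alg_test_cipher(const struct alg_test_desc *desc,
 const char *driver, u32 type, u32 mask)
 {
@@ -3481,29 +3549,6 @@
 crypto_free_acomp(acomp);
 return err;
 }
-
-static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
-u32 type, u32 mask)
-{
-struct crypto_rng *rng;
-int err;
-
-rng = crypto_alloc_rng(driver, type, mask);
-if (IS_ERR(rng)) {
-if (PTR_ERR(rng) == -ENOENT)
-return 0;
-printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
-"%ld\n", driver, PTR_ERR(rng));
-return PTR_ERR(rng);
-}
-
-err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
-
-crypto_free_rng(rng);
-
-return err;
-}
-
 
 static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
 const char *driver, u32 type, u32 mask)
@@ -4078,12 +4169,6 @@
 .test = alg_test_aead,
 .suite = {
 .aead = __VECS(aegis128_tv_template)
-}
-}, {
-.alg = "ansi_cprng",
-.test = alg_test_cprng,
-.suite = {
-.cprng = __VECS(ansi_cprng_aes_tv_template)
 }
 }, {
 .alg = "authenc(hmac(md5),ecb(cipher_null))",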
-106
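--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -119,18 +119,6 @@
 int crypt_error;
 };
 
-struct cprng_testvec {
-const char *key;
-const char *dt;
-const char *v;
-const char *result;
-unsigned char klen;
-unsigned short dtlen;
-unsigned short vlen;
-unsigned short rlen;
-unsigned short loops;
-};
-
 struct drbg_testvec {
 const unsigned char *entropy;
 size_t entropylen;
@@ -22361,100 +22373,6 @@
 "\xf5\x57\x0f\x2f\x49\x0e\x11\x3b"
 "\x78\x93\xec\xfc\xf4\xff\xe1\x2d",
 .clen = 24,
-},
-};
-
-/*
-* ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode)
-* test vectors, taken from Appendix B.2.9 and B.2.10:
-* http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf
-* Only AES-128 is supported at this time.
-*/
-static const struct cprng_testvec ansi_cprng_aes_tv_template[] = {
-{
-.key = "\xf3\xb1\x66\x6d\x13\x60\x72\x42"
-"\xed\x06\x1c\xab\xb8\xd4\x62\x02",
-.klen = 16,
-.dt = "\xe6\xb3\xbe\x78\x2a\x23\xfa\x62"
-"\xd7\x1d\x4a\xfb\xb0\xe9\x22\xf9",
-.dtlen = 16,
-.v = "\x80\x00\x00\x00\x00\x00\x00\x00"
-"\x00\x00\x00\x00\x00\x00\x00\x00",
-.vlen = 16,
-.result = "\x59\x53\x1e\xd1\x3b\xb0\xc0\x55"
-"\x84\x79\x66\x85\xc1\x2f\x76\x41",
-.rlen = 16,
-.loops = 1,
-}, {
-.key = "\xf3\xb1\x66\x6d\x13\x60\x72\x42"
-"\xed\x06\x1c\xab\xb8\xd4\x62\x02",
-.klen = 16,
-.dt = "\xe6\xb3\xbe\x78\x2a\x23\xfa\x62"
-"\xd7\x1d\x4a\xfb\xb0\xe9\x22\xfa",
-.dtlen = 16,
-.v = "\xc0\x00\x00\x00\x00\x00\x00\x00"
-"\x00\x00\x00\x00\x00\x00\x00\x00",
-.vlen = 16,
-.result = "\x7c\x22\x2c\xf4\xca\x8f\xa2\x4c"
-"\x1c\x9c\xb6\x41\xa9\xf3\x22\x0d",
-.rlen = 16,
-.loops = 1,
-}, {
-.key = "\xf3\xb1\x66\x6d\x13\x60\x72\x42"
-"\xed\x06\x1c\xab\xb8\xd4\x62\x02",
-.klen = 16,
-.dt = "\xe6\xb3\xbe\x78\x2a\x23\xfa\x62"
-"\xd7\x1d\x4a\xfb\xb0\xe9\x22\xfb",
-.dtlen = 16,
-.v = "\xe0\x00\x00\x00\x00\x00\x00\x00"
-"\x00\x00\x00\x00\x00\x00\x00\x00",
-.vlen = 16,
-.result = "\x8a\xaa\x00\x39\x66\x67\x5b\xe5"
-"\x29\x14\x28\x81\xa9\x4d\x4e\xc7",
-.rlen = 16,
-.loops = 1,
-}, {
-.key = "\xf3\xb1\x66\x6d\x13\x60\x72\x42"
-"\xed\x06\x1c\xab\xb8\xd4\x62\x02",
-.klen = 16,
-.dt = "\xe6\xb3\xbe\x78\x2a\x23\xfa\x62"
-"\xd7\x1d\x4a\xfb\xb0\xe9\x22\xfc",
-.dtlen = 16,
-.v = "\xf0\x00\x00\x00\x00\x00\x00\x00"
-"\x00\x00\x00\x00\x00\x00\x00\x00",
-.vlen = 16,
-.result = "\x88\xdd\xa4\x56\x30\x24\x23\xe5"
-"\xf6\x9d\xa5\x7e\x7b\x95\xc7\x3a",
-.rlen = 16,
-.loops = 1,
-}, {
-.key = "\xf3\xb1\x66\x6d\x13\x60\x72\x42"
-"\xed\x06\x1c\xab\xb8\xd4\x62\x02",
-.klen = 16,
-.dt = "\xe6\xb3\xbe\x78\x2a\x23\xfa\x62"
-"\xd7\x1d\x4a\xfb\xb0\xe9\x22\xfd",
-.dtlen = 16,
-.v = "\xf8\x00\x00\x00\x00\x00\x00\x00"
-"\x00\x00\x00\x00\x00\x00\x00\x00",
-.vlen = 16,
-.result = "\x05\x25\x92\x46\x61\x79\xd2\xcb"
-"\x78\xc4\x0b\x14\x0a\x5a\x9a\xc8",
-.rlen = 16,
-.loops = 1,
-}, { /* Monte Carlo Test */
-.key = "\x9f\x5b\x51\x20\x0b\xf3\x34\xb5"
-"\xd8\x2b\xe8\xc3\x72\x55\xc8\x48",
-.klen = 16,
-.dt = "\x63\x76\xbb\xe5\x29\x02\xba\x3b"
-"\x67\xc9\x25\xfa\x70\x1f\x11\xac",
-.dtlen = 16,
-.v = "\x57\x2c\x8e\x76\x87\x26\x47\x97"
-"\x7e\x74\xfb\xdd\xc4\x95\x01\xd1",
-.vlen = 16,
-.result = "\x48\xe9\xbd\x0d\x06\xee\x18\xfb"
-"\xe4\x57\x90\xd5\xc3\xfc\x9b\x73",
-.rlen = 16,
-.loops = 10000,
 },
 };
 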
+5 -6
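--- a/include/crypto/rng.h
+++ b/include/crypto/rng.h
@@ -169,12 +169,11 @@
 *
 * The reset function completely re-initializes the random number generator
 * referenced by the cipher handle by clearing the current state. The new state
-* is initialized with the caller provided seed or automatically, depending
-* on the random number generator type (the ANSI X9.31 RNG requires
-* caller-provided seed, the SP800-90A DRBGs perform an automatic seeding).
-* The seed is provided as a parameter to this function call. The provided seed
-* should have the length of the seed size defined for the random number
-* generator as defined by crypto_rng_seedsize.
+* is initialized with the caller provided seed or automatically, depending on
+* the random number generator type. (The SP800-90A DRBGs perform an automatic
+* seeding.) The seed is provided as a parameter to this function call. The
+* provided seed should have the length of the seed size defined for the random
+* number generator as defined by crypto_rng_seedsize.
 *
 * Return: 0 if the setting of the key was successful; < 0 if an error occurred
 */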
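Review bot: The rewritten paragraph no longer names any generator that needs a caller-provided seed, so "depending on the random number generator type" gives a caller no way to tell when omitting the seed is acceptable; only the auto-seeding DRBG case is spelled out. Because a generator that is reset without the seed it expects could end up in a weak or predictable state, the comment would be safer if it tied the requirement to the seed size, for example `* A non-zero crypto_rng_seedsize() indicates that a caller-provided seed of that length is expected.` — assuming that is the actual contract, which this hunk does not show. The unchanged `Return:` line also still speaks of "the setting of the key" where the paragraph says seed, and could be aligned in the same pass. The function this comment documents lies outside the hunk.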