[PATCH 0/2] SP800-90A DRBG
Stephan Mueller
smueller at chronox.de
Tue Feb 16 22:03:49 CET 2016
Hi,

as the SP800-90A DRBG is considered for inclusion into 1.7, I ported the
existing DRBG patch set in [1] to the current git tree of libgcrypt.

The DRBG is fully CAVS tested.

The following changes compared to [1] are present:

* Addition of reseeding CAVS test support.
* Addition of reseeding FIPS 140-2 power-on self test.
* DRBG flags received the GCRY_ prefix to avoid namespace pollution.
* Removal of the FIPS 140-2 continuous self test due to the recent update
  of FIPS 140-2 IG 9.8 which allows skipping of this (nonsense) test for
  SP800-90A DRBGs.
* Update the initialization logic to automatically initialize the DRBG if
  needed.
* Update locking code.
* CAVS test interface uses libgcrypt control interface 59.

The second patch of this patchset removes the ANSI X9.31 DRNG as the DRBG
completely supersedes the DRNG.

I am not sure whether I should update the bug report [1] to include the updated
patchset. Please advise of the current development regime for libgcrypt.

[1] https://bugs.gnupg.org/gnupg/issue1701

Stephan Mueller (2):
  SP800-90A DRBG
  Remove ANSI X9.31 DRNG

 random/Makefile.am     |    2 +-
 random/drbg.c          | 2340 ++++++++++++++++++++++++++++++++++++++++++++++++
 random/rand-internal.h |   34 +-
 random/random-fips.c   | 1124 -----------------------
 random/random.c        |   59 +-
 random/random.h        |   26 +
 src/gcrypt.h.in        |  108 +++
 src/global.c           |   45 +-
 8 files changed, 2513 insertions(+), 1225 deletions(-)
 create mode 100644 random/drbg.c
 delete mode 100644 random/random-fips.c

--
2.5.0