New function to return security strength of PRNG.
This commit is contained in:
Dr. Stephen Henson
parent
31360957fb
commit
68ea88b8d1
@ -114,6 +114,8 @@ const RAND_METHOD *FIPS_drbg_method(void);
|
|||||||
|
|
||||||
int FIPS_rand_set_method(const RAND_METHOD *meth);
|
int FIPS_rand_set_method(const RAND_METHOD *meth);
|
||||||
|
|
||||||
|
int FIPS_rand_strength(void);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -138,3 +138,25 @@ int FIPS_rand_status(void)
|
|||||||
return fips_rand_meth->status();
|
return fips_rand_meth->status();
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Return instantiated strength of PRNG. For DRBG this is an internal
|
||||||
|
* parameter. For X9.31 PRNG it is 80 bits (from SP800-131). Any other
|
||||||
|
* type of PRNG is not approved and returns 0 in FIPS mode and maximum
|
||||||
|
* 256 outside FIPS mode.
|
||||||
|
*/
|
||||||
|
|
||||||
|
int FIPS_rand_strength(void)
|
||||||
|
{
|
||||||
|
if (fips_approved_rand_meth == 1)
|
||||||
|
return FIPS_drbg_get_strength(FIPS_get_default_drbg());
|
||||||
|
else if (fips_approved_rand_meth == 2)
|
||||||
|
return 80;
|
||||||
|
else if (fips_approved_rand_meth == 0)
|
||||||
|
{
|
||||||
|
if (FIPS_mode())
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return 256;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user