Re: OpenSSL DRBG in FIPS mode confusion.

On 15.03.2017 10:50, Jayalakshmi bhat wrote:
> Hi All,
>
> OpenSSL uses 256-bit AES-CTR DRBG as the default DRBG in FIPS mode. I have a question associated with this.
>
> 1. The OpenSSL wiki says: Default DRBG is 256-bit CTR AES *using a derivation function*
> 2. Whereas the document http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf mentions "no derivation function" in one place and in other sections mentions both:
> *Section 4 Modes of Operation and Cryptographic Functionality*
>   Random Number Generation;    [SP 800-90] DRBG5                 Hash DRBG
>   Symmetric key generation     Prediction resistance             HMAC DRBG, no reseed
>                                supported for all variations      CTR DRBG (AES), no derivation function
> *Section 6 Self-test*
>   DRBG KAT: CTR_DRBG: AES, 256 bit with and without derivation function
>
> Please can anyone let me know what the default behavior is? Is there any way to toggle between using and not using the derivation function?
>
> Regards
> Jayalakshmi
>

The default is set by the FIPS-enabled OpenSSL crypto library (not by the OpenSSL FIPS object module itself) in RAND_init_fips(), rand_lib.c:277:

openssl-1.0.2k/crypto/rand/rand_lib.c:277:    if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) {


The default value is DRBG_FLAG_CTR_USE_DF, which follows from

openssl-1.0.2k/crypto/rand/rand_lib.c:251:# ifndef OPENSSL_DRBG_DEFAULT_FLAGS
openssl-1.0.2k/crypto/rand/rand_lib.c:252:#  define OPENSSL_DRBG_DEFAULT_FLAGS      DRBG_FLAG_CTR_USE_DF
openssl-1.0.2k/crypto/rand/rand_lib.c:256:static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
openssl-1.0.2k/crypto/rand/rand_lib.c:261:    fips_drbg_flags = flags;

and you can change it using void RAND_set_fips_drbg_type(int type, int flags).


Regards,
Matthias St. Pierre




-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users