The RCT cutoff values are correct, but they don't exactly match the ones
one would expect when computing them using the formula in SP800-90B. This
discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To
avoid any confusion by future reviewers, add some comments and explicitly
subtract 1 from the "correct" cutoff values in the definitions.
Signed-off-by: Joachim Vandersmissen <[email protected]>
---
crypto/jitterentropy.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c
index c7d7f2caa779..fe9c233ec769 100644
--- a/crypto/jitterentropy.c
+++ b/crypto/jitterentropy.c
@@ -89,10 +89,14 @@ struct rand_data {
unsigned int rct_count; /* Number of stuck values */
/* Intermittent health test failure threshold of 2^-30 */
-#define JENT_RCT_CUTOFF 30 /* Taken from SP800-90B sec 4.4.1 */
-#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */
+ /* From an SP800-90B perspective, this RCT cutoff value is equal to 31. */
+ /* However, our RCT implementation starts at 1, so we subtract 1 here. */
+#define JENT_RCT_CUTOFF (31 - 1) /* Taken from SP800-90B sec 4.4.1 */
+#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */
/* Permanent health test failure threshold of 2^-60 */
-#define JENT_RCT_CUTOFF_PERMANENT 60
+ /* From an SP800-90B perspective, this RCT cutoff value is equal to 61. */
+ /* However, our RCT implementation starts at 1, so we subtract 1 here. */
+#define JENT_RCT_CUTOFF_PERMANENT (61 - 1)
#define JENT_APT_CUTOFF_PERMANENT 355
#define JENT_APT_WINDOW_SIZE 512 /* Data window size */
/* LSB of time stamp to process */
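Review bot: The new comment above JENT_RCT_CUTOFF says "our RCT implementation starts at 1" without naming the counter or the comparison it is checked against, so a later reader still has to look up the code to confirm the subtraction. Consider tying it to rct_count (declared just above as "Number of stuck values") and stating what the SP800-90B counter would read at the same point. The same two-line comment is repeated verbatim above JENT_RCT_CUTOFF_PERMANENT; a single block comment covering both thresholds would avoid the duplication, and it could also state whether the unchanged APT cutoffs (325 and 355) need a similar adjustment.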
--
2.41.0
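The off-by-one described in the commit message, as an added example that is not part of the patch or of the kernel's jitterentropy code. It uses the SP800-90B sec 4.4.1 formula C = 1 + ceil(-log2(alpha) / H) and assumes H = 1 bit per sample (the value that yields the 31 and 61 in the patch comments); the function names, the plain equality check and the sample data are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* SP800-90B sec 4.4.1 cutoff for alpha = 2^-alpha_exp and an assumed
 * entropy of H = h_num / h_den bits per sample (integer ceiling). */
static unsigned int sp80090b_rct_cutoff(unsigned int alpha_exp,
					unsigned int h_num, unsigned int h_den)
{
	return 1 + (alpha_exp * h_den + h_num - 1) / h_num;
}

/* Index of the first sample at which the run counter reaches 'cutoff', or -1.
 * 'initial' is the counter value for the first sample of a run: 1 for the
 * counter B in SP800-90B, 0 for a hypothetical counter that only counts
 * repetitions (and therefore reads 1 on the first repeated sample). */
static long rct_first_fail(const unsigned int *s, size_t n,
			   unsigned int initial, unsigned int cutoff)
{
	unsigned int count = initial;
	size_t i;

	for (i = 1; i < n; i++) {
		count = (s[i] == s[i - 1]) ? count + 1 : initial;
		if (count >= cutoff)
			return (long)i;
	}
	return -1;
}

/* Constructed input: 5 changing samples, then 'run' identical ones (max 100).
 * Returns the failing index for that input, or -1 if the test passes. */
static long fail_index_for_run(size_t run, unsigned int initial,
			       unsigned int cutoff)
{
	unsigned int buf[105];
	size_t i;

	for (i = 0; i < 5; i++)
		buf[i] = (unsigned int)i + 1;
	for (i = 0; i < run && i < 100; i++)
		buf[5 + i] = 0xabcd;
	return rct_first_fail(buf, 5 + i, initial, cutoff);
}

int main(void)
{
	unsigned int c = sp80090b_rct_cutoff(30, 1, 1);

	printf("C=%u, B-style fails at %ld, repeat-style (C-1) fails at %ld\n", c,
	       fail_index_for_run(31, 1, c), fail_index_for_run(31, 0, c - 1));
	return 0;
}
```

With the cutoff left at C instead of C - 1, the repetition-only counter would need one more identical sample than SP800-90B allows before it reports a failure.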
On Sunday, 6 August 2023, 21:19:03 CEST, Joachim Vandersmissen wrote:
Hi Joachim,
> The RCT cutoff values are correct, but they don't exactly match the ones
> one would expect when computing them using the formula in SP800-90B. This
> discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To
> avoid any confusion by future reviewers, add some comments and explicitly
> subtract 1 from the "correct" cutoff values in the definitions.
>
> Signed-off-by: Joachim Vandersmissen <[email protected]>
Reviewed-by: Stephan Mueller <[email protected]>
Ciao
Stephan
On Sun, Aug 06, 2023 at 02:19:03PM -0500, Joachim Vandersmissen wrote:
> The RCT cutoff values are correct, but they don't exactly match the ones
> one would expect when computing them using the formula in SP800-90B. This
> discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To
> avoid any confusion by future reviewers, add some comments and explicitly
> subtract 1 from the "correct" cutoff values in the definitions.
>
> Signed-off-by: Joachim Vandersmissen <[email protected]>
> ---
> crypto/jitterentropy.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt