Message ID | 20230806191903.83423-1-git@jvdsn.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
Series | Add clarifying comments to Jitter Entropy RCT cutoff values. |
On Sunday, 6 August 2023, 21:19:03 CEST, Joachim Vandersmissen wrote:

Hi Joachim,

> The RCT cutoff values are correct, but they don't exactly match the ones
> one would expect when computing them using the formula in SP800-90B. This
> discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To
> avoid any confusion by future reviewers, add some comments and explicitly
> subtract 1 from the "correct" cutoff values in the definitions.
>
> Signed-off-by: Joachim Vandersmissen <git@jvdsn.com>

Reviewed-by: Stephan Mueller <smueller@chronox.de>

Ciao
Stephan

On Sun, Aug 06, 2023 at 02:19:03PM -0500, Joachim Vandersmissen wrote:
> The RCT cutoff values are correct, but they don't exactly match the ones
> one would expect when computing them using the formula in SP800-90B. This
> discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To
> avoid any confusion by future reviewers, add some comments and explicitly
> subtract 1 from the "correct" cutoff values in the definitions.
>
> Signed-off-by: Joachim Vandersmissen <git@jvdsn.com>
> ---
> crypto/jitterentropy.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)

Patch applied. Thanks.

diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c index c7d7f2caa779..fe9c233ec769 100644 --- a/crypto/jitterentropy.c +++ b/crypto/jitterentropy.c @@ -89,10 +89,14 @@ struct rand_data { unsigned int rct_count; /* Number of stuck values */ /* Intermittent health test failure threshold of 2^-30 */ -#define JENT_RCT_CUTOFF 30 /* Taken from SP800-90B sec 4.4.1 */ -#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */ + /* From an SP800-90B perspective, this RCT cutoff value is equal to 31. */ + /* However, our RCT implementation starts at 1, so we subtract 1 here. */ +#define JENT_RCT_CUTOFF (31 - 1) /* Taken from SP800-90B sec 4.4.1 */ +#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */ /* Permanent health test failure threshold of 2^-60 */ -#define JENT_RCT_CUTOFF_PERMANENT 60 + /* From an SP800-90B perspective, this RCT cutoff value is equal to 61. */ + /* However, our RCT implementation starts at 1, so we subtract 1 here. */ +#define JENT_RCT_CUTOFF_PERMANENT (61 - 1) #define JENT_APT_CUTOFF_PERMANENT 355 #define JENT_APT_WINDOW_SIZE 512 /* Data window size */ /* LSB of time stamp to process */
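
Review bot: The new comments on `JENT_RCT_CUTOFF` and `JENT_RCT_CUTOFF_PERMANENT` give the SP800-90B values 31 and 61 without saying how they follow from the 2^-30 and 2^-60 thresholds named in the comments directly above them; quoting the formula from sec 4.4.1 together with the entropy-per-sample value it was evaluated with would let a later reader recompute both numbers. `JENT_APT_CUTOFF 325` and `JENT_APT_CUTOFF_PERMANENT 355` get no matching remark, so it cannot be told from this hunk whether the APT values carry the same offset or are used exactly as computed; one line saying which would close that question. As a style point, each pair of one-line comments could be a single multi-line comment, and the trailing "Taken from SP800-90B sec 4.4.1" on the `(31 - 1)` define has no counterpart on the `(61 - 1)` define.
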
The RCT cutoff values are correct, but they don't exactly match the ones one would expect when computing them using the formula in SP800-90B. This discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To avoid any confusion by future reviewers, add some comments and explicitly subtract 1 from the "correct" cutoff values in the definitions.

Signed-off-by: Joachim Vandersmissen <git@jvdsn.com>
---
crypto/jitterentropy.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
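
Added example, not part of the patch or of the kernel source: the SP800-90B sec 4.4.1 cutoff formula and a repetition count test run with its counter starting at 1 and at 0, showing that a counter holding only repeats trips on the same sample when its limit is the cutoff minus 1. The function names, the whole-number H simplification, the reading of the off-by-one as a "number of stuck values" counter, and the sample data are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* SP800-90B sec 4.4.1: C = 1 + ceil(-log2(alpha) / H), alpha = 2^-alpha_bits.
 * Assumption: H is a whole number of bits per sample (H = 1 here). */
static unsigned int rct_cutoff_90b(unsigned int alpha_bits, unsigned int h_bits)
{
	return 1 + (alpha_bits + h_bits - 1) / h_bits;
}

/* Repetition count test over n samples. `start` is the counter value given
 * to the first sample of a run: 1 in the SP800-90B pseudo code (B = 1), 0 for
 * a hypothetical counter that holds only the repeats ("stuck" samples).
 * Returns the 1-based index of the sample that trips the test, 0 if none. */
static size_t rct_fail(const unsigned int *s, size_t n,
		       unsigned int start, unsigned int limit)
{
	unsigned int count = start;
	size_t i;

	for (i = 1; i < n; i++) {
		count = (s[i] == s[i - 1]) ? count + 1 : start;
		if (count >= limit)
			return i + 1;
	}
	return 0;
}

/* Constructed input: `lead` distinct samples followed by `run` identical ones. */
static size_t make_run(unsigned int *buf, size_t lead, size_t run)
{
	size_t i;

	for (i = 0; i < lead + run; i++)
		buf[i] = (i < lead) ? (unsigned int)i + 1 : 0;
	return lead + run;
}

int main(void)
{
	unsigned int buf[64], c = rct_cutoff_90b(30, 1);
	size_t n = make_run(buf, 5, 31);

	printf("C=%u start1/C=%zu start0/C-1=%zu start0/C=%zu\n", c,
	       rct_fail(buf, n, 1, c), rct_fail(buf, n, 0, c - 1),
	       rct_fail(buf, n, 0, c));
	return 0;
}
```

With the unadjusted limit of 31, the zero-based counter does not trip on a run of 31 identical samples, which is the confusion the subtraction in the definitions makes visible.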