FIPS 140-2 rng data tester for h/w crypto devices. This driver periodically

monitors the entropy data harvested by crypto drivers to verify it complies
with FIPS 140-2.  If data fails any test then the driver discards it and
commences continuous testing of harvested data until it is deemed ok.
Results are collected in a statistics block and, optionally, reported on
the console.  In normal use the overhead associated with this driver is
not noticeable.

Note that drivers must (currently) be compiled specially to enable use.

Obtained from:	original code by Jason L. Wright
This commit is contained in:
Sam Leffler 2003-03-11 19:26:16 +00:00
parent d947796288
commit ac7e2c0515
3 changed files with 10 additions and 0 deletions

View File

@ -2154,6 +2154,7 @@ device cryptodev # /dev/crypto for access to h/w
device hifn # Hifn 7951, 7781, etc.
device ubsec # Broadcom 5501, 5601, 58xx
device rndtest # FIPS 140-2 entropy tester
#####################################################################

View File

@ -629,6 +629,7 @@ crypto/sha2/sha2.c optional random
dev/ray/if_ray.c optional ray card
dev/ray/if_ray.c optional ray pccard
dev/rc/rc.c optional rc
dev/rndtest/rndtest.c optional rndtest
dev/rp/rp.c optional rp
dev/rp/rp_isa.c optional rp isa
dev/rp/rp_pci.c optional rp pci

View File

@ -0,0 +1,8 @@
# $FreeBSD$
.PATH: ${.CURDIR}/../../dev/rndtest
KMOD = rndtest
SRCS = rndtest.c
SRCS += device_if.h bus_if.h
.include <bsd.kmod.mk>