linux/crypto
Stephan Müller d9d67c87ad crypto: jitter - update implementation to 2.1.2
The Jitter RNG implementation is updated to comply with upstream version
2.1.2. The change covers the following aspects:

* Time variation measurement is conducted over the LFSR operation
instead of the XOR folding

* Invcation of stuck test during initialization

* Removal of the stirring functionality and the Von-Neumann
unbiaser as the LFSR using a primitive and irreducible polynomial
generates an identical distribution of random bits

This implementation was successfully used in FIPS 140-2 validations
as well as in German BSI evaluations.

This kernel implementation was tested as follows:

* The unchanged kernel code file jitterentropy.c is compiled as part
of user space application to generate raw unconditioned noise
data. That data is processed with the NIST SP800-90B non-IID test
tool to verify that the kernel code exhibits an equal amount of noise
as the upstream Jitter RNG version 2.1.2.

* Using AF_ALG with the libkcapi tool of kcapi-rng the Jitter RNG was
output tested with dieharder to verify that the output does not
exhibit statistical weaknesses. The following command was used:
kcapi-rng -n "jitterentropy_rng" -b 100000000000 | dieharder -a -g 200

* The unchanged kernel code file jitterentropy.c is compiled as part
of user space application to test the LFSR implementation. The
LFSR is injected a monotonically increasing counter as input and
the output is fed into dieharder to verify that the LFSR operation
does not exhibit statistical weaknesses.

* The patch was tested on the Muen separation kernel which returns
a more coarse time stamp to verify that the Jitter RNG does not cause
regressions with its initialization test considering that the Jitter
RNG depends on a high-resolution timer.

Tested-by: Reto Buerki <reet@codelabs.ch>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-06-06 14:38:57 +08:00
..
asymmetric_keys crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
async_tx async_pq: Remove VLA usage 2018-06-18 20:17:38 +05:30
842.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
ablkcipher.c crypto: skcipher - remove remnants of internal IV generators 2018-12-23 11:52:45 +08:00
acompress.c crypto: user - clean up report structure copying 2018-11-09 17:41:39 +08:00
adiantum.c crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
aead.c crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails 2019-01-18 18:40:24 +08:00
aegis128.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
aegis128l.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
aegis256.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
aegis.h crypto: aegis - Cleanup license mess 2019-01-25 18:41:51 +08:00
aes_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
aes_ti.c crypto: aes_ti - disable interrupts while accessing S-box 2018-11-09 17:36:48 +08:00
af_alg.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-03-05 09:09:55 -08:00
ahash.c crypto: ahash - fix another early termination in hash walk 2019-02-08 15:30:08 +08:00
akcipher.c crypto: akcipher - default implementations for request callbacks 2019-04-18 22:15:01 +08:00
algapi.c crypto: algapi - remove crypto_tfm_in_queue() 2019-05-30 15:28:41 +08:00
algboss.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
algif_aead.c crypto: null - Remove VLA usage of skcipher 2018-09-28 12:46:08 +08:00
algif_hash.c crypto: hash - Remove VLA usage 2018-09-04 11:35:03 +08:00
algif_rng.c net: remove sock_no_poll 2018-05-26 09:16:44 +02:00
algif_skcipher.c Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
ansi_cprng.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
anubis.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
api.c evm: Don't deadlock if a crypto algorithm is unavailable 2018-07-18 07:27:22 -04:00
arc4.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
authenc.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
authencesn.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
blkcipher.c crypto: skcipher - remove remnants of internal IV generators 2018-12-23 11:52:45 +08:00
blowfish_common.c crypto: blowfish - split generic and common c code 2011-09-22 21:25:25 +10:00
blowfish_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
camellia_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cast5_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cast6_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cast_common.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
cbc.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
ccm.c crypto: ccm - fix incompatibility between "ccm" and "ccm_base" 2019-04-19 13:53:13 +08:00
cfb.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
chacha20poly1305.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
chacha_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cipher.c crypto: remove several VLAs 2018-04-21 00:58:34 +08:00
cmac.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
compress.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
crc32_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
crc32c_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cryptd.c crypto: hash - remove CRYPTO_ALG_TYPE_DIGEST 2019-05-30 15:28:41 +08:00
crypto_engine.c crypto: engine - Permit to enqueue all async requests 2018-02-15 23:26:50 +08:00
crypto_null.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
crypto_user_base.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
crypto_user_stat.c crypto: stat - remove unused mutex 2019-01-18 18:43:43 +08:00
ctr.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
cts.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
deflate.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
des_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
dh_helper.c crypto: dh - make crypto_dh_encode_key() make robust 2018-08-03 18:06:06 +08:00
dh.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
drbg.c crypto: drbg - add FIPS 140-2 CTRNG for noise source 2019-05-23 14:01:06 +08:00
ecb.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
ecc_curve_defs.h crypto: ecc - make ecc into separate module 2019-04-18 22:15:02 +08:00
ecc.c crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecc.h crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecdh_helper.c crypto: ecdh - return unsigned value for crypto_ecdh_key_len() 2017-10-12 22:55:00 +08:00
ecdh.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
echainiv.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
ecrdsa_defs.h crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa_params.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa_pub_key.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa.c crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
fcrypt.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
fips.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
gcm.c crypto: gcm - fix incompatibility between "gcm" and "gcm_base" 2019-04-19 13:53:13 +08:00
gf128mul.c crypto: gf128mul - remove incorrect comment 2017-12-22 19:52:40 +11:00
ghash-generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
hash_info.c crypto: streebog - register Streebog in hash info for IMA 2018-11-16 14:09:40 +08:00
hmac.c crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
internal.h crypto: api - Introduce notifier for new crypto algorithms 2018-09-04 11:37:04 +08:00
jitterentropy-kcapi.c crypto: jitter - update implementation to 2.1.2 2019-06-06 14:38:57 +08:00
jitterentropy.c crypto: jitter - update implementation to 2.1.2 2019-06-06 14:38:57 +08:00
Kconfig crypto: cryptd - move kcrypto_wq into cryptd 2019-05-30 15:28:41 +08:00
keywrap.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
khazad.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
kpp.c crypto: user - clean up report structure copying 2018-11-09 17:41:39 +08:00
lrw.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-05-06 20:15:06 -07:00
lz4.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
lz4hc.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
lzo-rle.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
lzo.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
Makefile crypto: cryptd - move kcrypto_wq into cryptd 2019-05-30 15:28:41 +08:00
md4.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
md5.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
memneq.c crypto: memneq - fix for archs without efficient unaligned access 2013-12-09 20:09:12 +08:00
michael_mic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
morus640.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
morus1280.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
nhpoly1305.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
ofb.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
pcbc.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
pcrypt.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
poly1305_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
proc.c proc: introduce proc_create_seq{,_data} 2018-05-16 07:23:35 +02:00
ripemd.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rmd128.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
rmd160.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
rmd256.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
rmd320.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
rng.c crypto: user - fix use_after_free of struct xxx_request 2018-12-07 14:15:00 +08:00
rsa_helper.c kbuild: rename *-asn1.[ch] to *.asn1.[ch] 2018-04-07 19:04:02 +09:00
rsa-pkcs1pad.c crypto: akcipher - new verify API for public key algorithms 2019-04-18 22:15:02 +08:00
rsa.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
rsaprivkey.asn1 crypto: rsa - Store rest of the private key components 2016-07-05 23:05:26 +08:00
rsapubkey.asn1 crypto: akcipher - Changes to asymmetric key API 2015-10-14 22:23:16 +08:00
salsa20_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
scatterwalk.c crypto: scatterwalk - remove 'chain' argument from scatterwalk_crypto_chain() 2018-08-03 18:06:03 +08:00
scompress.c crypto: scompress - initialize per-CPU variables on each CPU 2019-04-18 22:15:04 +08:00
seed.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
seqiv.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
serpent_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
sha1_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
sha3_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
sha256_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
sha512_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
shash.c crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
simd.c crypto: simd - convert to use crypto_simd_usable() 2019-03-22 20:57:27 +08:00
skcipher.c crypto: skcipher - don't WARN on unprocessed data after slow walk step 2019-04-08 14:42:55 +08:00
sm3_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
sm4_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
streebog_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
tcrypt.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
tcrypt.h crypto: testmgr - update sm4 test vectors 2018-09-28 12:46:26 +08:00
tea.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
testmgr.c crypto: testmgr - test the shash API 2019-06-06 14:38:57 +08:00
testmgr.h crypto: testmgr - fix length truncation with large page size 2019-05-30 15:28:40 +08:00
tgr192.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
twofish_common.c crypto: replace FSF address with web source in license notices 2017-11-29 17:33:25 +11:00
twofish_generic.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
vmac.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
wp512.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
xcbc.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00
xor.c kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2017-11-15 18:21:04 -08:00
xts.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-05-06 20:15:06 -07:00
zstd.c crypto: run initcalls for generic implementations earlier 2019-04-18 22:15:03 +08:00