Hi , We were planning on using the nss drbg model for validating the HASH_DRBG implementation inside (nss-3.14.3/mozilla/security/nss/cmd/fipstest) . The fipstest.c needs updating for FIPS SP800-90A testing to validate drbg .
Please refer to the following documents Validation document -> http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf In the above document the steps for Generating random number has changed to (1) instantiate drbg (2) reseed (3) generate ReturnedBitsLen random bits, do not print (4) generate ReturnedBitsLen random bits, print out (5) uninstantiate. For Prediction resistance false Previously it was (1) instantiate drbg (2) generate ReturnedBitsLen random bits, do not print (3) reseed (4) generate ReturnedBitsLen random bits, print out (5) uninstantiate. The fipstest,.c and drbg.c needs updating . -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
