author Pauli <paul.dale@oracle.com> 2019-04-30 13:43:19 +1000
committer Pauli <paul.dale@oracle.com> 2019-04-30 13:43:19 +1000
commit 8094a6945873f492fe40c88b966b86629bc6c6d7 (patch)
tree 37d6dbdcd190b7a79fb7bd7b7549ac6a3eb876af /crypto/rand/rand_lcl.h
parent 555cbb328ee2eaa9356cd23e2194c1600653c500 (diff)
Squashed commit of the following:
Digest stored entropy for CRNG test.

Via the FIPS lab, NIST confirmed: The CMVP had a chance to discuss this inquiry and we agree that hashing the NDRNG block does meet the spirit and letter of AS09.42. However, the CMVP did have a few questions: what hash algorithm would be used in this application? Is it approved? Is it CAVs tested? SHA256 is being used here and it will be both approved and CAVs tested. This means that no raw entropy needs to be kept between RNG seedings, preventing a potential attack vector against the randomness source and the DRBG chains. It also means the block of secure memory allocated for this purpose is no longer required.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8790)
Diffstat (limited to 'crypto/rand/rand_lcl.h')
-rw-r--r-- crypto/rand/rand_lcl.h 6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index d793d28213..3ce5f7ad97 100644
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -334,8 +334,10 @@ int drbg_hmac_init(RAND_DRBG *drbg);
* Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests.
* These need to be exposed for the unit tests.
*/
-int rand_crngt_get_entropy_cb(unsigned char *buf);
-extern int (*crngt_get_entropy)(unsigned char *);
+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
+ unsigned int *md_size);
+extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md,
+ unsigned int *md_size);
int rand_crngt_init(void);
void rand_crngt_cleanup(void);
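Review bot: The comment above rand_crngt_get_entropy_cb and crngt_get_entropy still only says these are the entropy callback for the FIPS 140-2 section 4.9.2 conditional tests and does not document the new md and md_size parameters. Both buf and md are passed as bare unsigned char * with no length, so the header should state the minimum size each buffer must have (for md, for example EVP_MAX_MD_SIZE if that is what the implementation assumes), whether *md_size is output-only, and what the int return value signals; otherwise a caller or a test stub can under-allocate md and the callback has no way to detect it. Because crngt_get_entropy is an extern function pointer that the comment says is exposed for the unit tests, any test replacement written against the old one-argument signature needs to be updated together with this declaration.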