Conversation

@kaleb-himes
Contributor

@kaleb-himes kaleb-himes commented Jan 14, 2026

Description

Replace the DRBG legacy CRNGT test with the more modern RCT/ADP tests.

CRNGT: Simply compares each block of output from the entropy source with the previous block of output to detect a "stuck entropy source", but suffers a probabilistic failure rate of ~29.80 failures for every 4 billion checks (keeping in mind a single false positive means the module must be power cycled to recover from this catastrophic scenario per FIPS 140-2 ss 4.9.2), which leads to high volumes of real-world failures in long-running applications (weeks or months under moderate load, days or weeks under heavy load).

RCT/ADP: The Repetition Count Test (RCT) acts as a "stuck-at" detector by failing if a single value repeats consecutively more than a calculated threshold, effectively catching total hardware failures. The Adaptive Proportion Test (ADP) functions as a "bias" detector by counting how many times a specific value appears within a sliding window of samples, identifying subtle statistical collapses that the RCT would otherwise miss.

Fixes issue reported in zd# 21032 for future modules (does not fix legacy modules)

Testing

There is a new test (but it's off by default because it is very slow) in wolfcrypt/test/test.c with two flavors for the Re-Init test: a single-threaded and a multi-threaded test.

Single-threaded takes a long time but will produce the same rate of failures as the multi-threaded test if entropy pool depletion is not a concern. If the entropy pool is small, the single-threaded option is the best way, but it takes longer.

The multi-threaded test completes faster by using 40 threads and 100 million iterations per thread to hit the 4 billion goal more quickly. Entropy depletion is a concern, so only use this on modern large-scale desktops and servers, not on embedded Linux.

Examples of configuring and running the tests with and without FIPS enabled are in wolfcrypt/test/README.md along with the investigation results into this issue.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation
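The RCT/ADP pair described above, as an added example that is not wolfSSL's implementation: a minimal C health-test state machine fed one sample at a time, run over three constructed byte streams (stuck, biased, healthy). RCT_CUTOFF, APT_WINDOW and APT_CUTOFF are assumed demo values, not the thresholds the PR uses; real cutoffs are derived from the source's assessed min-entropy.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Placeholder thresholds for the demo (assumption, not wolfSSL's values). */
#define RCT_CUTOFF 32    /* same value this many times in a row => stuck   */
#define APT_WINDOW 512   /* samples per adaptive-proportion window          */
#define APT_CUTOFF 325   /* window's first value recurring this often => biased */

enum { HT_OK = 0, HT_RCT_FAIL = -1, HT_APT_FAIL = -2 };

typedef struct {
    int      started;
    uint8_t  last; uint32_t run;   /* RCT: previous sample, current run length */
    uint8_t  ref;  uint32_t seen;  /* APT: window reference, samples in window */
    uint32_t hits;                 /* APT: occurrences of ref in this window   */
} health_t;

/* Feed one sample from the noise source; both tests run on every sample. */
int health_feed(health_t *h, uint8_t s)
{
    if (!h->started) {             /* first sample seeds both tests */
        h->last = h->ref = s; h->run = h->seen = h->hits = 1; h->started = 1;
        return HT_OK;
    }
    /* RCT: stuck-at detector, compares only against the previous sample */
    if (s == h->last) { if (++h->run >= RCT_CUTOFF) return HT_RCT_FAIL; }
    else { h->last = s; h->run = 1; }
    /* APT: bias detector, counts recurrences of the window's first value */
    if (h->seen == APT_WINDOW) { h->ref = s; h->seen = 1; h->hits = 1; }
    else {
        h->seen++;
        if (s == h->ref && ++h->hits >= APT_CUTOFF) return HT_APT_FAIL;
    }
    return HT_OK;
}

/* Run a buffer through fresh state; returns the first failure code or HT_OK. */
int health_check(const uint8_t *buf, size_t n)
{
    health_t h; size_t i; int rc;
    memset(&h, 0, sizeof h);
    for (i = 0; i < n; i++) if ((rc = health_feed(&h, buf[i])) != HT_OK) return rc;
    return HT_OK;
}

/* Constructed sample streams (not captured from real hardware). */
static uint8_t g_buf[1024];
int demo_stuck(void)   { memset(g_buf, 0x41, sizeof g_buf); return health_check(g_buf, sizeof g_buf); }
int demo_biased(void)  { size_t i; for (i = 0; i < sizeof g_buf; i++) g_buf[i] = (i % 3 == 2) ? 0x01 : 0x00; return health_check(g_buf, sizeof g_buf); }
int demo_healthy(void) { size_t i; for (i = 0; i < sizeof g_buf; i++) g_buf[i] = (uint8_t)(i * 37 + 11); return health_check(g_buf, sizeof g_buf); }

int main(void) { printf("stuck=%d biased=%d healthy=%d\n", demo_stuck(), demo_biased(), demo_healthy()); return 0; }
```

The biased stream never repeats a value more than twice in a row, so only the proportion test catches it; the stuck stream trips RCT long before the window fills.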

@kaleb-himes kaleb-himes requested a review from SparkiDev January 14, 2026 23:28
@kaleb-himes kaleb-himes force-pushed the PQ-FS-2026-Part1 branch 2 times, most recently from 489c044 to 38cd661 Compare January 16, 2026 21:00
@kaleb-himes kaleb-himes requested a review from dgarske January 16, 2026 23:30
@dgarske dgarske removed their request for review January 19, 2026 19:56
@SparkiDev SparkiDev assigned kaleb-himes and unassigned wolfSSL-Bot Jan 21, 2026
@SparkiDev
Contributor

conflicts on branch

…RCT/ADP tests

Update ret code to match docs and update docs

Replace magic numbers with appropriate define

Define MAX_ENTROPY_BITS when MEMUSE not enabled

Fix type cast windows detection

Older FIPS modules still need the old check

CodeSpell you're wrong, that is what I want to name my variable

Turn the hostap into a manual dispatch until it gets fixed

Upon closer review we can not skip the test when memuse enabled

Fix whitespace stuff found by multitest

More syntax things

Correct comments based on latest findings
@kaleb-himes
Contributor Author

Re-synced with master, conflicts resolved.

@kaleb-himes kaleb-himes removed their assignment Jan 22, 2026
@SparkiDev SparkiDev merged commit baaa368 into wolfSSL:master Jan 23, 2026
500 of 720 checks passed