[Bug 1173183] vsftpd: too strict seccomp filter makes SSL impossible (blocks openat(AT_FDCWD, "/dev/urandom", O_RDONLY))
https://bugzilla.suse.com/show_bug.cgi?id=1173183
https://bugzilla.suse.com/show_bug.cgi?id=1173183#c8
--- Comment #8 from Vítězslav Čížek
(In reply to Andrei Borzenkov from comment #1)
> This appears to be a local SUSE problem due to openssl-fips_entropy_reseeding.patch in openssl. This patch adds an explicit read of /dev/urandom:

(In reply to Cristian Rodríguez from comment #7)
> That is funny... and dead wrong... There is no need to reseed anything, the random number generator uses a FIPS approved algorithm... oh, and did I tell you openssl 1.1.x does not have a FIPS module at all?

Our openssl 1.1.x packages contain patches which implement FIPS support.

> The relevant part for this report is that it tries to reseed the DRBG to comply with FIPS requirements... but openssl 1.1.1 (not old versions, mind you!) uses AES-CTR DRBG according to NIST standard SP 800-90Ar1, which is FIPS approved.

In openssl 1.1.1, the random number generator was indeed replaced by the NIST standardized DRBG, and our openssl 1.1.1 package doesn't contain the openssl-fips_entropy_reseeding.patch anymore. However, Leap 15.1 (or SLE-15-SP{0,1}) ships openssl 1.1.0, which still contains the old random generator, so we kept the patch.

Some history context (the linked bugs are internal though, I'm afraid): the reseeding requirement for /dev/urandom usage didn't actually come from a FIPS certification; it was required by BSI (German Federal Office for Information Security) for Common Criteria instead (bug 908372). Due to the chained nature of the random generators in openssl and the usage of /dev/urandom as a key source, it was requested to fetch and mix in as many bits from /dev/urandom into the secondary DRBG as were requested, to keep sufficient entropy. The FIPS code was later changed to use getrandom instead of /dev/urandom in bug 1027079.
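The interaction described in this thread, as an added example that is not code from vsftpd, openssl or any of the bug's participants: a child process installs a hypothetical minimal seccomp-bpf filter that denies openat(2) (vsftpd's real allowlist is much longer and kills the process instead of returning an error; returning EPERM here lets the child report both results from one run), then tries the exact call from the bug title, openat(AT_FDCWD, "/dev/urandom", O_RDONLY), and the getrandom(2) call that the FIPS code was later moved to. The AUDIT_ARCH_* selection, the result bit names and the PROBE_SKIP exit code are this example's own conventions.

```c
/* Added example: reproduce "seccomp blocks openat of /dev/urandom" in a
 * throwaway child and show that getrandom(2) survives the same filter. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#define URANDOM_OK   1   /* openat(AT_FDCWD, "/dev/urandom", O_RDONLY) worked */
#define GETRANDOM_OK 2   /* getrandom(buf, 16, 0) returned 16 bytes */
#define PROBE_SKIP   100 /* child exit code: filter could not be installed */

/* Hypothetical arch pin (assumption of this example): syscall numbers
 * differ per ABI, so a filter must refuse to run on an unexpected one. */
#if defined(__x86_64__)
#  define FILTER_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#  define FILTER_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#  define FILTER_ARCH AUDIT_ARCH_I386
#else
#  error "add the AUDIT_ARCH_* constant for this architecture"
#endif

/* Minimal filter for the demo: allow everything except openat -> EPERM. */
static struct sock_filter deny_openat[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, FILTER_ARCH, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};

static int install_filter(void)
{
    struct sock_fprog prog = {
        .len = sizeof(deny_openat) / sizeof(deny_openat[0]),
        .filter = deny_openat,
    };
    /* An unprivileged process may only install a filter with no_new_privs. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Fork a child, optionally confine it, try both entropy sources there.
 * Returns URANDOM_OK | GETRANDOM_OK bits, or -1 if the probe could not run
 * (fork failed, seccomp unavailable, or the child was killed by a signal). */
int probe_random_sources(int with_filter)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        int result = 0;
        unsigned char buf[16];
        if (with_filter && install_filter() != 0)
            _exit(PROBE_SKIP);
        /* The call from the bug title, issued as a raw syscall. */
        int fd = (int)syscall(SYS_openat, AT_FDCWD, "/dev/urandom", O_RDONLY);
        if (fd >= 0) {
            result |= URANDOM_OK;
            close(fd);
        }
        /* What the FIPS code moved to: no path lookup, no descriptor. */
        if (syscall(SYS_getrandom, buf, sizeof buf, 0) == (long)sizeof buf)
            result |= GETRANDOM_OK;
        _exit(result);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);
    return code == PROBE_SKIP ? -1 : code;
}

int main(void)
{
    int open_world = probe_random_sources(0);
    int confined = probe_random_sources(1);
    printf("unfiltered: /dev/urandom %s, getrandom %s\n",
           (open_world & URANDOM_OK) ? "ok" : "FAIL",
           (open_world & GETRANDOM_OK) ? "ok" : "FAIL");
    if (confined < 0)
        printf("filtered:   probe could not run (seccomp unavailable?)\n");
    else
        printf("filtered:   /dev/urandom %s, getrandom %s\n",
               (confined & URANDOM_OK) ? "ok" : "FAIL (EPERM from filter)",
               (confined & GETRANDOM_OK) ? "ok" : "FAIL");
    return 0;
}
```

The point for anyone maintaining a seccomp allowlist around a daemon: the list has to cover what the linked libraries do at runtime, not just what the daemon's own source calls, and a distribution patch to the crypto library can change that set. When a confined service dies for no visible reason, `strace -f` on it will show either a SIGSYS (for a killing filter) or an unexpected EPERM on a syscall such as openat, which is the quickest way to tell a seccomp problem from a genuine permission problem.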