Add periodic DRBG health checks as required by SP800-90.

[oweals/openssl.git] / fips / rand / fips_rand_lcl.h

diff --git a/fips/rand/fips_rand_lcl.h b/fips/rand/fips_rand_lcl.h
index 94f58ea4cd7da02e1ebafa1f2f5f96d1426d00f1..eeed0eca2385254b52e9bf3121c6c3cb22479055 100644 (file)
--- a/fips/rand/fips_rand_lcl.h
+++ b/fips/rand/fips_rand_lcl.h
@@ -105,6 +105,8 @@ struct drbg_ctr_ctx_st
  */
 #define DRBG_MAX_BLOCK                 EVP_MAX_MD_SIZE
 
+#define DRBG_HEALTH_INTERVAL           (1 << 24)
+
 /* DRBG context structure */
 
 struct drbg_ctx_st
@@ -114,6 +116,8 @@ struct drbg_ctx_st
        int type;
        /* Various flags */
        unsigned int flags;
+       /* Used for periodic health checks */
+       int health_check_cnt, health_check_interval;
 
        /* The following parameters are setup by mechanism drbg_init() call */
        int strength;