diff options
| -rw-r--r-- | db/tests.db | 3 | ||||
| -rw-r--r-- | include/tests_crypto | 26 |
2 files changed, 26 insertions, 3 deletions
diff --git a/db/tests.db b/db/tests.db index d051c77d..76884a45 100644 --- a/db/tests.db +++ b/db/tests.db @@ -87,7 +87,8 @@ CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: CRYP-8002:test:security:crypto:Linux:Gather kernel entropy: -CRYP-8004:test:security:crypto:Linux:Presence of hardware number generator: +CRYP-8004:test:security:crypto:Linux:Presence of hardware random number generators: +CRYP-8005:test:security:crypto:Linux:Presence of software pseudo random number generators: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: diff --git a/include/tests_crypto b/include/tests_crypto index 6a9cb5f2..5c2a0804 100644 --- a/include/tests_crypto +++ b/include/tests_crypto @@ -196,8 +196,8 @@ ################################################################################# # # Test : CRYP-8004 - # Description : Test for presence of random number generators - Register --test-no CRYP-8004 --os Linux --weight L --network NO --root-only NO --category security --description "Presence of random number generators" + # Description : Test for presence of hardware random number generators + Register --test-no CRYP-8004 --os Linux --weight L --network NO --root-only NO --category security --description "Presence of hardware random number generators" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: looking for ${ROOTDIR}sys/class/misc/hw_random/rng_current" if [ -f "${ROOTDIR}sys/class/misc/hw_random/rng_current" ]; then @@ -224,6 +224,28 @@ # ################################################################################# # + # Test : CRYP-8005 + # Description : Test for presence of software pseudo random number generators + Register --test-no CRYP-8005 --os Linux --weight L --network NO --root-only NO --category security --description "Presence of software pseudo random number generators" + if [ ${SKIPTEST} -eq 0 ]; then + LogText "Test: looking for software pseudo random number generators" + FOUND="" + for SERVICE in audio-entropyd havegd jitterentropy-rngd; do + if IsRunning "${SERVICE}" --full; then + FOUND="${FOUND} ${SERVICE}" + fi + done + if [ -z "${FOUND}" ]; then + Display --indent 2 --text "- SW prng" --result "${STATUS_NO}" --color YELLOW + ReportSuggestion "${TEST_NO}" "Utilize software pseudo random number generators" + else + Display --indent 2 --text "- SW prng" --result "${STATUS_YES}" --color GREEN + LogText "Result: found ${FOUND} running" + fi + fi +# +################################################################################# +# WaitForKeyPress |