Health Test Induced Failure tests #167
Description
I work at a FIPS testing lab (Gossamer), and have recently received new comments from the CMVP asking for more details for the induced failure testing that was done for the Entropy health tests (APT, RCT, etc.) We believe if we are starting to receive this comment, other labs will also begin to see this and need a solution.
As many vendors use JEnt, we believe it would be beneficial to have a test tool inside the actual source. This way if vendors are using the latest version, their source will already have the test tool and they would just need to compile and run it.
We have imagined such a test tool is to just use the health test functions (jent_apt_init(), jent_apt_insert(), jent_rct_init(), etc.) with known bad samples and read out the error code from jent_health_failure(). But as the "insert" functions are not exposed in the header, this would not be possible without exposing these. Seeing as jent_stuck() does however use these "insert" functions and is public, this could possibly be used?