Disable blinding for boringssl_self_test_rsa(). Disable blinding for boringssl_self_test_rsa() to avoid an entropy draw like the 'k' value for ECDSA is fixed to avoid an entropy draw in boringssl_self_test_ecc(). The boringssl_self_test_rsa() use entropy to generate the blinding factor and the inverse of blinding factor. Running boringssl_self_test_rsa() from init stage of OS on some devices as the kernel's entropy pool is not yet initialized, causing the process to block for seconds. Bug: None Change-Id: I4c1119c9950553eec030bedf36ec22ab41088f20 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55545 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com>

commit: 785bb12634b0d2fd39b1e34609bc50366443b67e [log] [tgz]
author: hehe.li <hehe.li@unisoc.com> Tue Dec 06 15:39:46 2022 +0800
committer: Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Thu Dec 08 23:11:03 2022 +0000
tree: d4f60cc3ed32b7cd64c11caecc8c4813aa99a4dd
parent: c3197fc35b8c9ec2974e891e65d13abff5da4216 [diff]
diff --git a/crypto/fipsmodule/self_check/self_check.c b/crypto/fipsmodule/self_check/self_check.c
index 19f5743..08500e5 100644
--- a/crypto/fipsmodule/self_check/self_check.c
+++ b/crypto/fipsmodule/self_check/self_check.c

@@ -316,6 +316,9 @@
     fprintf(stderr, "RSA key construction failed\n");
     goto err;
   }
+  // Disable blinding for the power-on tests because it's not needed and
+  // triggers an entropy draw.
+  rsa_key->flags |= RSA_FLAG_NO_BLINDING;
 
   // RSA Sign KAT
commit	785bb12634b0d2fd39b1e34609bc50366443b67e	[log] [tgz]
author	hehe.li <hehe.li@unisoc.com>	Tue Dec 06 15:39:46 2022 +0800
committer	Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>	Thu Dec 08 23:11:03 2022 +0000
tree	d4f60cc3ed32b7cd64c11caecc8c4813aa99a4dd
parent	c3197fc35b8c9ec2974e891e65d13abff5da4216 [diff]