On Sat, May 31, 2014 at 03:43:37PM +0200, Stephan Mueller wrote: > Hi, > > the following set of patches implements the deterministic random bit generator > (DRBG) specified by SP800-90A. > > The DRBG implementation offers the following: > > * All three DRBG types are implemented with a derivation function. > * All DRBG types are available with and without prediction resistance. > * All SHA types of SHA-1, SHA-256, SHA-384, SHA-512 are available > for the HMAC and Hash DRBGs. > * All AES types of AES-128, AES-192 and AES-256 are available for the > CTR DRBG. > * A self test is implemented with drbg_healthcheck(). > * The FIPS 140-2 continuous self test is implemented. > * Additional cipher primitives, such as Serpent or Twofish, can be > added to the DRBG without changing the implementation. The only > change necessary is to the DRBG definition given in the cores[] > array. > > As defined in SP800-131A, the ANSI X9.31 DRNG is to be sunset by the end of > this year for official uses, including FIPS 140-2 compliance. > > Additional tests including the CAVS test framework are available at [1]. All applied. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html