On Thu, 2021-05-20 at 21:31 +0200, Stephan Müller wrote:
> The default DRBG is the one that has the highest priority. The priority
> is defined based on the order of the list drbg_cores[] where the highest
> priority is given to the last entry by drbg_fill_array.
>
> With this patch the default DRBG is switched from HMAC SHA256 to HMAC
> SHA512 to support compliance with SP800-90B and SP800-90C (current
> draft).
>
> The user of the crypto API is completely unaffected by the change.
>
> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
> ---
> crypto/drbg.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/crypto/drbg.c b/crypto/drbg.c
> index 1b4587e0ddad..ea85d4a0fe9e 100644
> --- a/crypto/drbg.c
> +++ b/crypto/drbg.c
> @@ -176,18 +176,18 @@ static const struct drbg_core drbg_cores[] = {
> .blocklen_bytes = 48,
> .cra_name = "hmac_sha384",
> .backend_cra_name = "hmac(sha384)",
> - }, {
> - .flags = DRBG_HMAC | DRBG_STRENGTH256,
> - .statelen = 64, /* block length of cipher */
> - .blocklen_bytes = 64,
> - .cra_name = "hmac_sha512",
> - .backend_cra_name = "hmac(sha512)",
> }, {
> .flags = DRBG_HMAC | DRBG_STRENGTH256,
> .statelen = 32, /* block length of cipher */
> .blocklen_bytes = 32,
> .cra_name = "hmac_sha256",
> .backend_cra_name = "hmac(sha256)",
> + }, {
> + .flags = DRBG_HMAC | DRBG_STRENGTH256,
> + .statelen = 64, /* block length of cipher */
> + .blocklen_bytes = 64,
> + .cra_name = "hmac_sha512",
> + .backend_cra_name = "hmac(sha512)",
> },
> #endif /* CONFIG_CRYPTO_DRBG_HMAC */
> };
We'd like this to ease certification pains.
Acked-by: simo Sorce <simo@xxxxxxxxxx>
--
Simo Sorce
RHEL Crypto Team
Red Hat, Inc
