On Sunday, 29 October 2023, 21:48:22 CET, Dimitri John Ledkov wrote:

Hi Dimitri,

> Update code comment, self test & healthcheck to use HMAC SHA512,
> instead of HMAC SHA256. These changes are in dead-code, or FIPS
> enabled code-paths only and have no effect on usual kernel builds.
>
> On systems booting in FIPS mode that has the effect of switching sanity
> selftest to HMAC sha512 based (which has been the default DRBG).
>
> Fixes: 9b7b94683a ("crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG")
> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@xxxxxxxxxxxxx>
> --- > crypto/drbg.c | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) > > diff --git a/crypto/drbg.c b/crypto/drbg.c > index b120e2866b..99666193d9 100644 > --- a/crypto/drbg.c > +++ b/crypto/drbg.c > @@ -111,9 +111,9 @@ > * as stdrng. Each DRBG receives an increasing cra_priority values the > later * they are defined in this array (see drbg_fill_array). > * > - * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and > - * the SHA256 / AES 256 over other ciphers. Thus, the favored > - * DRBGs are the latest entries in this array. > + * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and the > + * HMAC-SHA512 / SHA256 / AES 256 over other ciphers. Thus, the > + * favored DRBGs are the latest entries in this array. > */ > static const struct drbg_core drbg_cores[] = { > #ifdef CONFIG_CRYPTO_DRBG_CTR > @@ -1475,8 +1475,8 @@ static int drbg_generate(struct drbg_state *drbg, > int err = 0; > pr_devel("DRBG: start to perform self test\n"); > if (drbg->core->flags & DRBG_HMAC) > - err = alg_test("drbg_pr_hmac_sha256", > - "drbg_pr_hmac_sha256", 0, 0); > + err = alg_test("drbg_pr_hmac_sha512", > + "drbg_pr_hmac_sha512", 0, 0); > else if (drbg->core->flags & DRBG_CTR) > err = alg_test("drbg_pr_ctr_aes256", > "drbg_pr_ctr_aes256", 0, 0); 
> @@ -2023,7 +2023,7 @@ static inline int __init drbg_healthcheck_sanity(void) > drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); > #endif > #ifdef CONFIG_CRYPTO_DRBG_HMAC > - drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr); > + drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr); > #endif > > drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL);

Reviewed-by: Stephan Mueller <smueller@xxxxxxxxxx>

Ciao
Stephan
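
Review bot: In the comment above drbg_cores[] (first hunk, @@ -111,9), the new wording "HMAC-SHA512 / SHA256 / AES 256" mixes a construction-plus-hash name with a bare hash and a bare cipher, so it is unclear whether SHA256 is the preferred hash for the Hash DRBG or a second HMAC choice. If the intent is one preference per DRBG type, say so explicitly, for example "HMAC DRBG with SHA512, Hash DRBG with SHA256, CTR DRBG with AES 256".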
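
Review bot: In the drbg_generate self-test branch (second hunk, @@ -1475,8), the test name is a fixed string chosen only by the DRBG_HMAC flag, so every HMAC instance is self-tested as "drbg_pr_hmac_sha512" regardless of which hash drbg->core actually uses. The diffstat shows crypto/drbg.c as the only file changed, so the commit message should state that a test entry for "drbg_pr_hmac_sha512" already exists for alg_test to find, and a one-line comment that the self test exercises the default HMAC core rather than the instance's own core would make the behaviour explicit for FIPS reviewers.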
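
Review bot: In drbg_healthcheck_sanity (third hunk, @@ -2023,7), the result of drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr) is not checked in the lines shown, so a name that does not match any core would go unnoticed and the sanity check would run with whatever coreref an earlier #ifdef block set. Since this patch changes the string, consider checking the call's result here, or at least noting in a comment that the name must match an entry in drbg_cores[].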