Am Sonntag, 29. Oktober 2023, 21:48:21 CET schrieb Dimitri John Ledkov: Hi Dimitri, > When originally drbg was introduced FIPS self-checks for all types but > CTR were using the most preferred parameters for each type of > DRBG. Update CTR self-check to use aes256. > > Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit > Generator") Signed-off-by: Dimitri John Ledkov > <dimitri.ledkov@xxxxxxxxxxxxx> > --- > crypto/drbg.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/crypto/drbg.c b/crypto/drbg.c > index 2cce18dcfc..b120e2866b 100644 > --- a/crypto/drbg.c > +++ b/crypto/drbg.c > @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, > err = alg_test("drbg_pr_hmac_sha256", > "drbg_pr_hmac_sha256", 0, 0); > else if (drbg->core->flags & DRBG_CTR) > - err = alg_test("drbg_pr_ctr_aes128", > - "drbg_pr_ctr_aes128", 0, 0); > + err = alg_test("drbg_pr_ctr_aes256", > + "drbg_pr_ctr_aes256", 0, 0); > else > err = alg_test("drbg_pr_sha256", > "drbg_pr_sha256", 0, 0); > @@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void) > return 0; > > #ifdef CONFIG_CRYPTO_DRBG_CTR > - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); > + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); > #endif > #ifdef CONFIG_CRYPTO_DRBG_HASH > drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); I am not sure again whether this warrants a "Fixes" tag, because the first modification is in a commented-out code section and the latter again intends to test the DRBG thresholds and thus just needs "a" DRBG. Anyhow: Reviewed-by: Stephan Mueller <smueller@xxxxxxxxxx> Ciao Stephan