Message ID | 20150611005510.GA9267@gondor.apana.org.au (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
Headers | show |
Am Donnerstag, 11. Juni 2015, 08:55:10 schrieb Herbert Xu: Hi Herbert, > The hash-based DRBG variants all use sha256 so we need to add a > select on it. Would that be sufficient? We can have SHA1, SHA384 and SHA512 with the current drbg_cores[] too.
On Thu, Jun 11, 2015 at 03:37:38AM +0200, Stephan Mueller wrote: > Am Donnerstag, 11. Juni 2015, 08:55:10 schrieb Herbert Xu: > > Hi Herbert, > > > The hash-based DRBG variants all use sha256 so we need to add a > > select on it. > > Would that be sufficient? We can have SHA1, SHA384 and SHA512 with the current > drbg_cores[] too. Yes but only sha256 is used by default, no? Cheers,
Am Donnerstag, 11. Juni 2015, 09:40:04 schrieb Herbert Xu: Hi Herbert, > On Thu, Jun 11, 2015 at 03:37:38AM +0200, Stephan Mueller wrote: > > Am Donnerstag, 11. Juni 2015, 08:55:10 schrieb Herbert Xu: > > > > Hi Herbert, > > > > > The hash-based DRBG variants all use sha256 so we need to add a > > > select on it. > > > > Would that be sufficient? We can have SHA1, SHA384 and SHA512 with the > > current drbg_cores[] too. > > Yes but only sha256 is used by default, no? Yes, per default, that is true. Thus, if we care only about the default, then the patch is fine.
diff --git a/crypto/Kconfig b/crypto/Kconfig index cb7806f..f6fc054 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1508,10 +1508,11 @@ config CRYPTO_DRBG_HMAC bool default y select CRYPTO_HMAC + select CRYPTO_SHA256 config CRYPTO_DRBG_HASH bool "Enable Hash DRBG" - select CRYPTO_HASH + select CRYPTO_SHA256 help Enable the Hash DRBG variant as defined in NIST SP800-90A.
The hash-based DRBG variants all use sha256 so we need to add a select on it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> --- crypto/Kconfig | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)