Re: [PATCH v3 1/3] crypto: drbg: DRBG should select SHA512

From: Herbert Xu
Date: Thu Apr 30 2020 - 00:44:18 EST


On Fri, Apr 24, 2020 at 01:40:45PM +0000, Corentin Labbe wrote:
> Since DRBG could use SHA384/SHA512, it should select it.
>
> Signed-off-by: Corentin Labbe <clabbe@xxxxxxxxxxxx>
> ---
> crypto/Kconfig | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index c24a47406f8f..6d27fc6a7bf5 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -1810,10 +1810,12 @@ config CRYPTO_DRBG_HMAC
> default y
> select CRYPTO_HMAC
> select CRYPTO_SHA256
> + select CRYPTO_SHA512
>
> config CRYPTO_DRBG_HASH
> bool "Enable Hash DRBG"
> select CRYPTO_SHA256
> + select CRYPTO_SHA512
> help
> Enable the Hash DRBG variant as defined in NIST SP800-90A.

The default hash drbg is sha256, the others are only optional.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt