
List:       linux-crypto-vger
Subject:    Re: [PATCH 3/4] crypto: drbg - ensure drbg hmac sha512 is used in FIPS selftests
From:       Stephan Mueller <smueller () chronox ! de>
Date:       2023-10-30 10:25:10
Message-ID: 13171794.nZ9L9QUk69 () tauon ! chronox ! de

On Sunday, 29 October 2023, 21:48:22 CET, Dimitri John Ledkov wrote:

Hi Dimitri,

> Update code comment, self test & healthcheck to use HMAC SHA512,
> instead of HMAC SHA256. These changes are in dead-code, or FIPS
> enabled code-paths only and have no effect on usual kernel builds.
> 
> On systems booting in FIPS mode that has the effect of switching the sanity
> selftest to HMAC sha512 based (which has been the default DRBG).
> 
> Fixes: 9b7b94683a ("crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG")
> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> ---
>  crypto/drbg.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/crypto/drbg.c b/crypto/drbg.c
> index b120e2866b..99666193d9 100644
> --- a/crypto/drbg.c
> +++ b/crypto/drbg.c
> @@ -111,9 +111,9 @@
>   * as stdrng. Each DRBG receives an increasing cra_priority values the
> later * they are defined in this array (see drbg_fill_array).
>   *
> - * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and
> - * the SHA256 / AES 256 over other ciphers. Thus, the favored
> - * DRBGs are the latest entries in this array.
> + * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and the
> + * HMAC-SHA512 / SHA256 / AES 256 over other ciphers. Thus, the
> + * favored DRBGs are the latest entries in this array.
>   */
>  static const struct drbg_core drbg_cores[] = {
>  #ifdef CONFIG_CRYPTO_DRBG_CTR
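
Review bot: In the rewritten comment, "the HMAC-SHA512 / SHA256 / AES 256 over other ciphers" mixes a DRBG type with hash and cipher names, so it no longer says which primitive is preferred for which DRBG type, and HMAC-SHA512 is not a cipher. Suggest spelling the pairing out per type, for example SHA512 for the HMAC DRBG, SHA256 for the Hash DRBG and AES 256 for the CTR DRBG, if that matches the order of drbg_cores[].
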
> @@ -1475,8 +1475,8 @@ static int drbg_generate(struct drbg_state *drbg,
>  		int err = 0;
>  		pr_devel("DRBG: start to perform self test\n");
>  		if (drbg->core->flags & DRBG_HMAC)
> -			err = alg_test("drbg_pr_hmac_sha256",
> -				       "drbg_pr_hmac_sha256", 0, 0);
> +			err = alg_test("drbg_pr_hmac_sha512",
> +				       "drbg_pr_hmac_sha512", 0, 0);
>  		else if (drbg->core->flags & DRBG_CTR)
>  			err = alg_test("drbg_pr_ctr_aes256",
>  				       "drbg_pr_ctr_aes256", 0, 0);
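
Review bot: The DRBG_HMAC branch selects the self-test by flag only, so every HMAC instance is now tested as "drbg_pr_hmac_sha512" regardless of the hash its own core uses, just as it was with sha256 before. If testing the default rather than the instance is intended, a one-line comment above the alg_test() call saying so would help keep the name from being left behind at the next default switch. The commit message could also state whether this block is the dead code or the FIPS-only path it mentions.
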
> @@ -2023,7 +2023,7 @@ static inline int __init drbg_healthcheck_sanity(void)
> drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);
>  #endif
>  #ifdef CONFIG_CRYPTO_DRBG_HMAC
> -	drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr);
> +	drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr);
>  #endif
> 
>  	drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL);
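
Review bot: The default HMAC DRBG name is now a string literal both in the alg_test() call in drbg_generate() and in this drbg_convert_tfm_core() call, the kind of duplication the Fixes: tag suggests was overlooked when the default changed. Consider defining the default once (a macro next to drbg_cores[], for instance) and using it for both the pr and nopr names, or at least noting next to the "drbg_nopr_hmac_sha512" line that it has to track the default.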

Reviewed-by: Stephan Mueller <smueller@chronox.de>

Ciao
Stephan

