summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorDimitri John Ledkov <dimitri.ledkov@canonical.com>2023-10-30 13:05:15 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>2023-11-17 12:16:29 +0100
commitdd9af7046d815a4d6ee77c2958d98de2af294309 (patch)
tree6974a44a3b3b052bf7728c63c10bf34b99dbc964 /crypto
parentcrypto: drbg - update FIPS CTR self-checks to aes256 (diff)
downloadlinux-dd9af7046d815a4d6ee77c2958d98de2af294309.tar.xz
linux-dd9af7046d815a4d6ee77c2958d98de2af294309.zip
crypto: drbg - ensure drbg hmac sha512 is used in FIPS selftests
Update code comment, self test & healthcheck to use HMAC SHA512, instead of HMAC SHA256. These changes are in dead-code, or FIPS enabled code-paths only and have not effect on usual kernel builds. On systems booting in FIPS mode that has the effect of switch sanity selftest to HMAC sha512 based (which has been the default DRBG). This patch updates code from 9b7b94683a ("crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG"), but is not interesting to cherry-pick for stable updates, because it doesn't affect regular builds, nor has any tangible effect on FIPS certifcation. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Reviewed-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/drbg.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 52731bc57e70..9ac034bb23fa 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -111,9 +111,9 @@
* as stdrng. Each DRBG receives an increasing cra_priority values the later
* they are defined in this array (see drbg_fill_array).
*
- * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and
- * the SHA256 / AES 256 over other ciphers. Thus, the favored
- * DRBGs are the latest entries in this array.
+ * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and the
+ * HMAC-SHA512 / SHA256 / AES 256 over other ciphers. Thus, the
+ * favored DRBGs are the latest entries in this array.
*/
static const struct drbg_core drbg_cores[] = {
#ifdef CONFIG_CRYPTO_DRBG_CTR
@@ -1475,8 +1475,8 @@ static int drbg_generate(struct drbg_state *drbg,
int err = 0;
pr_devel("DRBG: start to perform self test\n");
if (drbg->core->flags & DRBG_HMAC)
- err = alg_test("drbg_pr_hmac_sha256",
- "drbg_pr_hmac_sha256", 0, 0);
+ err = alg_test("drbg_pr_hmac_sha512",
+ "drbg_pr_hmac_sha512", 0, 0);
else if (drbg->core->flags & DRBG_CTR)
err = alg_test("drbg_pr_ctr_aes256",
"drbg_pr_ctr_aes256", 0, 0);
@@ -2023,7 +2023,7 @@ static inline int __init drbg_healthcheck_sanity(void)
drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);
#endif
#ifdef CONFIG_CRYPTO_DRBG_HMAC
- drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr);
+ drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr);
#endif
drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL);