Subject: Re: [PATCH] crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG
From: Stephan Mueller
To: Herbert Xu
Cc: linux-crypto@vger.kernel.org, Vlad Dronov
Date: Thu, 24 Jun 2021 16:54:16 +0200

On Thursday, 24.06.2021 at 22:30 +0800, Herbert Xu wrote:
> On Thu, May 20, 2021 at 09:31:11PM +0200, Stephan Müller wrote:
> > > > diff --git a/crypto/drbg.c b/crypto/drbg.c > > index 1b4587e0ddad..ea85d4a0fe9e 100644 > > --- a/crypto/drbg.c > > +++ b/crypto/drbg.c 
> > @@ -176,18 +176,18 @@ static const struct drbg_core drbg_cores[] = { > >                 .blocklen_bytes = 48, > >                 .cra_name = "hmac_sha384", > >                 .backend_cra_name = "hmac(sha384)", > > -       }, { > > -               .flags = DRBG_HMAC | DRBG_STRENGTH256, > > -               .statelen = 64, /* block length of cipher */ > > -               .blocklen_bytes = 64, > > -               .cra_name = "hmac_sha512", > > -               .backend_cra_name = "hmac(sha512)", > >         }, { > >                 .flags = DRBG_HMAC | DRBG_STRENGTH256, > >                 .statelen = 32, /* block length of cipher */ > >                 .blocklen_bytes = 32, > >                 .cra_name = "hmac_sha256", > >                 .backend_cra_name = "hmac(sha256)", > > +       }, { > > +               .flags = DRBG_HMAC | DRBG_STRENGTH256, > > +               .statelen = 64, /* block length of cipher */ > > +               .blocklen_bytes = 64, > > +               .cra_name = "hmac_sha512", > > +               .backend_cra_name = "hmac(sha512)", > >         },
>
> Hi Stephan:
>
> I just noticed that unlike hmac(sha256) drbg with hmac(sha512)
> doesn't have a self-test.  Could you add one for it please?

Thank you very much for pointing this out. I will prepare one asap.

Thanks
Stephan

>
> Thanks,
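
Review bot: The "hmac_sha512" entry that now sits last in drbg_cores[] carries no comment saying that its position is significant. Going by the subject line, this reorder is what makes HMAC SHA512 the default, and the hunk changes nothing except the order of two entries, so a later patch that appends or re-sorts entries could change the default DRBG without any visible sign in the diff. Please add a comment on the moved entry, or above the array, stating which position the default selection relies on. As the reply points out, the hmac(sha512) DRBG has no self-test, so that test should land together with or before this change, since the untested core would otherwise become the one used by default.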