Browse Source

[rng] Choose HMAC_DRBG using SHA-256 as the DRBG algorithm

Both HMAC_DRBG using SHA-1 and HMAC_DRBG using SHA-256 are Approved
algorithms in ANS X9.82 for our chosen security strength of 128 bits.
However, general recommendations (see e.g. NIST SP800-57) are to use a
larger hash function in preference to SHA-1.

Since SHA-256 is required anyway for TLSv1.2 support, there is no code
size penalty for switching HMAC_DRBG to also use SHA-256.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 12 years ago
parent
commit
8d038040ea
1 changed files with 6 additions and 7 deletions
  1. 6
    7
      src/include/ipxe/drbg.h

+ 6
- 7
src/include/ipxe/drbg.h View File

@@ -10,14 +10,14 @@
10 10
 FILE_LICENCE ( GPL2_OR_LATER );
11 11
 
12 12
 #include <stdint.h>
13
-#include <ipxe/sha1.h>
13
+#include <ipxe/sha256.h>
14 14
 #include <ipxe/hmac_drbg.h>
15 15
 
16
-/** Choose HMAC_DRBG using SHA-1
16
+/** Choose HMAC_DRBG using SHA-256
17 17
  *
18
- * HMAC_DRBG using SHA-1 is an Approved algorithm in ANS X9.82.
18
+ * HMAC_DRBG using SHA-256 is an Approved algorithm in ANS X9.82.
19 19
  */
20
-#define HMAC_DRBG_ALGORITHM HMAC_DRBG_SHA1
20
+#define HMAC_DRBG_ALGORITHM HMAC_DRBG_SHA256
21 21
 
22 22
 /** Maximum security strength */
23 23
 #define DRBG_MAX_SECURITY_STRENGTH \
@@ -25,10 +25,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
25 25
 
26 26
 /** Security strength
27 27
  *
28
- * We choose to operate at the maximum security strength supported by
29
- * the algorithm.
28
+ * We choose to operate at a strength of 128 bits.
30 29
  */
31
-#define DRBG_SECURITY_STRENGTH DRBG_MAX_SECURITY_STRENGTH
30
+#define DRBG_SECURITY_STRENGTH 128
32 31
 
33 32
 /** Minimum entropy input length */
34 33
 #define DRBG_MIN_ENTROPY_LEN_BYTES \

Loading…
Cancel
Save