robin.thoni/ipxe - git rthoni.com

Michael Brown 742e43be05 [rng] Use SHA-256 for Hash_df, and validate the hash function strength ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2 states that "When using the derivation function based on a hash function, the output length of the hash function shall meet or exceed the security strength indicated by the min_entropy parameter in the Get_entropy_input call", although this criteria is missing from the pseudocode provided in the same section. Add a test for this condition, and upgrade from SHA-1 to SHA-256 since SHA-1 has an output length of 160 bits, which is insufficient for generating the (128 * 3/2 = 192) bits required when instantiating the 128-bit strength DRBG. Signed-off-by: Michael Brown <mcb30@ipxe.org>		13 years ago
contrib	[contrib] Fix rom-o-matic	13 years ago
src	[rng] Use SHA-256 for Hash_df, and validate the hash function strength	13 years ago
COPYING	Initial revision	20 years ago
COPYRIGHTS	[build] Rename gPXE to iPXE	15 years ago
README	[doc] Re-add README file	14 years ago

iPXE README File

Quick start guide:

   cd src
   make

For any more detailed instructions, see http://ipxe.org