author | Michael Brown <mcb30@ipxe.org> | 2012-03-06 13:42:06 +0000 |
---|---|---|
committer | Michael Brown <mcb30@ipxe.org> | 2012-03-06 13:42:06 +0000 |
commit | 8d038040eaac85bbe08f0b5ba507ff0167b3a2f3 (patch) | |
tree | 8cf96f207c7be185a397ffe776d3101ce49abf4a | |
parent | a810258b429f846fbf4ff51c37847dcf66b87e4f (diff) | |
[rng] Choose HMAC_DRBG using SHA-256 as the DRBG algorithm
Both HMAC_DRBG using SHA-1 and HMAC_DRBG using SHA-256 are Approved
algorithms in ANS X9.82 for our chosen security strength of 128 bits.
However, general recommendations (see e.g. NIST SP800-57) are to use a
larger hash function in preference to SHA-1.
Since SHA-256 is required anyway for TLSv1.2 support, there is no code
size penalty for switching HMAC_DRBG to also use SHA-256.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
-rw-r--r-- | src/include/ipxe/drbg.h | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/src/include/ipxe/drbg.h b/src/include/ipxe/drbg.h
index 139f03c..6374e77 100644
--- a/src/include/ipxe/drbg.h
+++ b/src/include/ipxe/drbg.h
@@ -10,14 +10,14 @@
 FILE_LICENCE ( GPL2_OR_LATER );
 
 #include <stdint.h>
-#include <ipxe/sha1.h>
+#include <ipxe/sha256.h>
 #include <ipxe/hmac_drbg.h>
 
-/** Choose HMAC_DRBG using SHA-1
+/** Choose HMAC_DRBG using SHA-256
  *
- * HMAC_DRBG using SHA-1 is an Approved algorithm in ANS X9.82.
+ * HMAC_DRBG using SHA-256 is an Approved algorithm in ANS X9.82.
  */
-#define HMAC_DRBG_ALGORITHM HMAC_DRBG_SHA1
+#define HMAC_DRBG_ALGORITHM HMAC_DRBG_SHA256
 
 /** Maximum security strength */
 #define DRBG_MAX_SECURITY_STRENGTH \
@@ -25,10 +25,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
 
 /** Security strength
  *
- * We choose to operate at a strength of 128 bits.
+ * We choose to operate at a strength of 128 bits.
  */
-#define DRBG_SECURITY_STRENGTH DRBG_MAX_SECURITY_STRENGTH
+#define DRBG_SECURITY_STRENGTH 128
 
 /** Minimum entropy input length */
 #define DRBG_MIN_ENTROPY_LEN_BYTES \ |
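Review bot: The doc comment above `HMAC_DRBG_ALGORITHM` still justifies the choice only by saying the algorithm is Approved, which the old text said about SHA-1 in the same words, so the header does not record why SHA-256 was preferred. That reasoning currently lives only in the commit message. I would add a line to the comment such as `* SHA-256 is preferred over SHA-1 per general recommendations (see e.g. NIST SP800-57), and is already required for TLSv1.2.` so that a later reader does not switch back to save space.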
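Review bot: `DRBG_SECURITY_STRENGTH` is now the literal `128`, and nothing in this hunk ties it to `DRBG_MAX_SECURITY_STRENGTH` any more. Before the change the two could not disagree; now a later edit to `HMAC_DRBG_ALGORITHM` or to this constant could request a strength the algorithm does not support unless a check exists elsewhere, which is not visible here. I would state the constraint in the comment, e.g. `* This must not exceed DRBG_MAX_SECURITY_STRENGTH for the chosen algorithm.`, and back it with a compile-time assertion in whatever form the project uses. The definitions of `DRBG_MAX_SECURITY_STRENGTH` and `DRBG_MIN_ENTROPY_LEN_BYTES` continue outside the hunks, so whether the entropy length follows the new value cannot be confirmed from this page.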