* [PATCH v2 1/2] crypto: drbg: DRBG should select SHA512
@ 2020-03-10 21:05 Corentin Labbe
2020-03-10 21:05 ` [PATCH v2 2/2] crypto: drbg: DRBG_CTR should select CTR Corentin Labbe
0 siblings, 1 reply; 3+ messages in thread
From: Corentin Labbe @ 2020-03-10 21:05 UTC (permalink / raw)
To: davem, herbert; +Cc: linux-crypto, linux-kernel, Corentin Labbe
Since DRBG could use SHA384/SHA512, it should select it.
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
crypto/Kconfig | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index c24a47406f8f..6d27fc6a7bf5 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1810,10 +1810,12 @@ config CRYPTO_DRBG_HMAC
default y
select CRYPTO_HMAC
select CRYPTO_SHA256
+ select CRYPTO_SHA512
config CRYPTO_DRBG_HASH
bool "Enable Hash DRBG"
select CRYPTO_SHA256
+ select CRYPTO_SHA512
help
Enable the Hash DRBG variant as defined in NIST SP800-90A.
--
2.24.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH v2 2/2] crypto: drbg: DRBG_CTR should select CTR
2020-03-10 21:05 [PATCH v2 1/2] crypto: drbg: DRBG should select SHA512 Corentin Labbe
@ 2020-03-10 21:05 ` Corentin Labbe
2020-03-20 2:47 ` Herbert Xu
0 siblings, 1 reply; 3+ messages in thread
From: Corentin Labbe @ 2020-03-10 21:05 UTC (permalink / raw)
To: davem, herbert; +Cc: linux-crypto, linux-kernel, Corentin Labbe
if CRYPTO_DRBG_CTR is builtin and CTR is module, allocating such algo
will fail.
DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
alg: drbg: Failed to reset rng
alg: drbg: Test 0 failed for drbg_pr_ctr_aes128
DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
alg: drbg: Failed to reset rng
alg: drbg: Test 0 failed for drbg_nopr_ctr_aes128
DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
alg: drbg: Failed to reset rng
alg: drbg: Test 0 failed for drbg_nopr_ctr_aes192
DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
alg: drbg: Failed to reset rng
ialg: drbg: Test 0 failed for drbg_nopr_ctr_aes256
Since setting DRBG_CTR=CTR lead to a recursive dependency, let's depends
on CTR=y
Just selecting CTR lead also to a recursive dependency:
crypto/Kconfig:1800:error: recursive dependency detected!
crypto/Kconfig:1800: symbol CRYPTO_DRBG_MENU is selected by
CRYPTO_RNG_DEFAULT
crypto/Kconfig:83: symbol CRYPTO_RNG_DEFAULT is selected by
CRYPTO_SEQIV
crypto/Kconfig:330: symbol CRYPTO_SEQIV is selected by CRYPTO_CTR
crypto/Kconfig:370: symbol CRYPTO_CTR is selected by CRYPTO_DRBG_CTR
crypto/Kconfig:1822: symbol CRYPTO_DRBG_CTR depends on
CRYPTO_DRBG_MENU
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
---
Changes since v1:
- Updated commit message with recursive dependency
crypto/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 6d27fc6a7bf5..eddeb43fc01c 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1822,7 +1822,7 @@ config CRYPTO_DRBG_HASH
config CRYPTO_DRBG_CTR
bool "Enable CTR DRBG"
select CRYPTO_AES
- depends on CRYPTO_CTR
+ depends on CRYPTO_CTR=y
help
Enable the CTR DRBG variant as defined in NIST SP800-90A.
--
2.24.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2 2/2] crypto: drbg: DRBG_CTR should select CTR
2020-03-10 21:05 ` [PATCH v2 2/2] crypto: drbg: DRBG_CTR should select CTR Corentin Labbe
@ 2020-03-20 2:47 ` Herbert Xu
0 siblings, 0 replies; 3+ messages in thread
From: Herbert Xu @ 2020-03-20 2:47 UTC (permalink / raw)
To: Corentin Labbe; +Cc: davem, linux-crypto, linux-kernel
On Tue, Mar 10, 2020 at 09:05:38PM +0000, Corentin Labbe wrote:
>
> Just selecting CTR lead also to a recursive dependency:
> crypto/Kconfig:1800:error: recursive dependency detected!
> crypto/Kconfig:1800: symbol CRYPTO_DRBG_MENU is selected by
> CRYPTO_RNG_DEFAULT
> crypto/Kconfig:83: symbol CRYPTO_RNG_DEFAULT is selected by
> CRYPTO_SEQIV
> crypto/Kconfig:330: symbol CRYPTO_SEQIV is selected by CRYPTO_CTR
> crypto/Kconfig:370: symbol CRYPTO_CTR is selected by CRYPTO_DRBG_CTR
> crypto/Kconfig:1822: symbol CRYPTO_DRBG_CTR depends on
> CRYPTO_DRBG_MENU
The SEQIV select from CTR is historical and no longer necessary.
So let's just get rid of that and then DRBG can select CTR without
running into loops.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-03-20 2:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-10 21:05 [PATCH v2 1/2] crypto: drbg: DRBG should select SHA512 Corentin Labbe
2020-03-10 21:05 ` [PATCH v2 2/2] crypto: drbg: DRBG_CTR should select CTR Corentin Labbe
2020-03-20 2:47 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).