From 7b4025391f7c9204d735359fad33ca12043af3e2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 15 Jul 2025 11:54:59 -0700 Subject: [PATCH] Revert: crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG JIRA: INTERNAL Revert Author Revert Commit 9b7b94683a9b9c42a743d591e48b9f51f505dd1f Revert Reason: This changes the default DRBG back to HMAC SHA256 as more processors have hardware acceleration for this algorithm. Approved by the lab. The default DRBG is the one that has the highest priority. The priority is defined based on the order of the list drbg_cores[] where the highest priority is given to the last entry by drbg_fill_array. With this patch the default DRBG is switched from HMAC SHA256 to HMAC SHA512 to support compliance with SP800-90B and SP800-90C (current draft). The user of the crypto API is completely unaffected by the change. Signed-off-by: Stephan Mueller Acked-by: simo Sorce Signed-off-by: Herbert Xu Signed-off-by: Jeremy Allison --- crypto/drbg.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index d14cc09b5d399..d5281a0c89b75 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -176,18 +176,18 @@ static const struct drbg_core drbg_cores[] = { .blocklen_bytes = 48, .cra_name = "hmac_sha384", .backend_cra_name = "hmac(sha384)", - }, { - .flags = DRBG_HMAC | DRBG_STRENGTH256, - .statelen = 32, /* block length of cipher */ - .blocklen_bytes = 32, - .cra_name = "hmac_sha256", - .backend_cra_name = "hmac(sha256)", }, { .flags = DRBG_HMAC | DRBG_STRENGTH256, .statelen = 64, /* block length of cipher */ .blocklen_bytes = 64, .cra_name = "hmac_sha512", .backend_cra_name = "hmac(sha512)", + }, { + .flags = DRBG_HMAC | DRBG_STRENGTH256, + .statelen = 32, /* block length of cipher */ + .blocklen_bytes = 32, + .cra_name = "hmac_sha256", + .backend_cra_name = "hmac(sha256)", }, #endif /* CONFIG_CRYPTO_DRBG_HMAC */ };