diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2018-02-18 19:16:13 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2018-02-21 20:40:34 +0100 |
commit | 32bda2b2e4900308cb025020d8c8692e1d3c2ba9 (patch) | |
tree | 4c7e82f15c70fe821006fa38d2be12f0aa05204a /include | |
parent | 649cfb5cbb78e3c4c91ceb65fad2a4daad6047dd (diff) |
Switch the DRBGs from AES-128-CTR to AES-256-CTR
Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
GH: #5401
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/rand.h | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/include/internal/rand.h b/include/internal/rand.h index d56742e533..471b6b55d2 100644 --- a/include/internal/rand.h +++ b/include/internal/rand.h @@ -15,14 +15,22 @@ /* * Default security strength (in the sense of [NIST SP 800-90Ar1]) - * of the default OpenSSL DRBG, and the corresponding NID. * - * Currently supported values: 128, 192, 256 + * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that + * of the cipher by collecting less entropy. The current DRBG implemantion does + * not take RAND_DRBG_STRENGTH into account and sets the strength of the DRBG + * to that of the cipher. * - * TODO(DRBG): would be nice to have the strength configurable + * RAND_DRBG_STRENGTH is currently only used for the legacy RAND + * implementation. + * + * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and + * NID_aes_256_ctr + * + * TODO(DRBG): would be nice to have the NID and strength configurable */ -# define RAND_DRBG_STRENGTH 128 -# define RAND_DRBG_NID NID_aes_128_ctr +# define RAND_DRBG_STRENGTH 256 +# define RAND_DRBG_NID NID_aes_256_ctr /* * Object lifetime functions. |