authorRenĂ© Korthaus <[email protected]>2017-04-03 21:55:03 +0200
committerRenĂ© Korthaus <[email protected]>2017-04-03 21:55:03 +0200
commitd00cb108f6d3f5b7dee7b8426169f9e186235d54 (patch)
tree37f91d87067becd698340c8843fc226908a645f6 /src/lib/rng
parentd5554270aff53ec3856b62dbb7cb48ec26b87009 (diff)
Follow NIST SP 800-57 for HMAC_DRBG security level
Diffstat (limited to 'src/lib/rng')
-rw-r--r--src/lib/rng/hmac_drbg/hmac_drbg.cpp15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/lib/rng/hmac_drbg/hmac_drbg.cpp b/src/lib/rng/hmac_drbg/hmac_drbg.cpp
index 03ea2013a..4f19b5256 100644
--- a/src/lib/rng/hmac_drbg/hmac_drbg.cpp
+++ b/src/lib/rng/hmac_drbg/hmac_drbg.cpp
@@ -168,8 +168,17 @@ void HMAC_DRBG::add_entropy(const uint8_t input[], size_t input_len)
size_t HMAC_DRBG::security_level() const
{
// security strength of the hash function
- // for pre-image resistance (see NIST SP800-57),
- // but NIST SP800-90A only supports up to 256 bits
- return std::min(m_mac->output_length(), size_t(32)) * 8;
+ // for pre-image resistance (see NIST SP 800-57)
+ // SHA-160: 128 bits, SHA-224, SHA-512/224: 192 bits,
+ // SHA-256, SHA-512/256, SHA-384, SHA-512: >= 256 bits
+ // NIST SP 800-90A only supports up to 256 bits though
+ if(m_mac->output_length() < 32)
+ {
+ return (m_mac->output_length() - 4) * 8;
+ }
+ else
+ {
+ return 32 * 8;
+ }
}
}
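Review bot: The expression `(m_mac->output_length() - 4) * 8` in the new `if` branch matches the table in the comment only for 20- and 28-byte digests. For any other MAC with an output under 32 bytes it returns a figure the comment does not justify (a 16-byte output would report 96 bits), and because the operand is `size_t`, an output length under 4 would wrap around to a very large security level. This value presumably drives how much entropy the DRBG is seeded with, so an explicit mapping is safer than arithmetic: `if(out_len == 20) return 128;` and `if(out_len == 28) return 192;`, with a deliberately conservative result for unlisted lengths. Reading the length once into `const size_t out_len = m_mac->output_length();` would also remove the repeated call.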