lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge branch 'mbedtls-3.6-restricted' into mbedtls-3.6.1rc0-pr

Browse Source 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann
2024-08-28 20:48:27 +01:00
parent 72064b202e 8b8228ce2e
commit 9f10979853
17 changed files with 795 additions and 540 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
include/mbedtls/mbedtls_config.h
View File

@ -4034,11 +4034,18 @@
* Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
* PSA crypto subsystem.
*
* If this option is unset:
* - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
* - Otherwise, the PSA subsystem uses HMAC_DRBG with either
* #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
* on unspecified heuristics.
* If this option is unset, the library chooses a hash (currently between
* #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and
* unspecified heuristics.
*
* \note The PSA crypto subsystem uses the first available mechanism amongst
* the following:
* - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled;
* - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES
* if #MBEDTLS_CTR_DRBG_C is enabled;
* - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG.
*
* A future version may reevaluate the prioritization of DRBG mechanisms.
*/
//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256