Commit f2c89a10 authored by Herbert Xu's avatar Herbert Xu

crypto: drbg - Use Kconfig to ensure at least one RNG option is set

This patch removes the build-time test that ensures at least one RNG
is set.  Instead we will simply not build drbg if no options are set
through Kconfig.

This also fixes a typo in the name of the Kconfig option CRYTPO_DRBG
(should be CRYPTO_DRBG).
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 8c987166
...@@ -23,7 +23,7 @@ comment "Crypto core or helper" ...@@ -23,7 +23,7 @@ comment "Crypto core or helper"
config CRYPTO_FIPS config CRYPTO_FIPS
bool "FIPS 200 compliance" bool "FIPS 200 compliance"
depends on (CRYPTO_ANSI_CPRNG || CRYTPO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
depends on MODULE_SIG depends on MODULE_SIG
help help
This options enables the fips boot option which is This options enables the fips boot option which is
...@@ -1394,39 +1394,39 @@ config CRYPTO_ANSI_CPRNG ...@@ -1394,39 +1394,39 @@ config CRYPTO_ANSI_CPRNG
ANSI X9.31 A.2.4. Note that this option must be enabled if ANSI X9.31 A.2.4. Note that this option must be enabled if
CRYPTO_FIPS is selected CRYPTO_FIPS is selected
menuconfig CRYTPO_DRBG menuconfig CRYPTO_DRBG_MENU
tristate "NIST SP800-90A DRBG" tristate "NIST SP800-90A DRBG"
depends on CRYPTO
select CRYPTO_RNG
help help
NIST SP800-90A compliant DRBG. In the following submenu, one or NIST SP800-90A compliant DRBG. In the following submenu, one or
more of the DRBG types must be selected. more of the DRBG types must be selected.
if CRYTPO_DRBG if CRYPTO_DRBG_MENU
config CRYPTO_DRBG_HMAC config CRYPTO_DRBG_HMAC
bool "Enable HMAC DRBG" bool "Enable HMAC DRBG"
default y default y
depends on CRYTPO_DRBG
select CRYPTO_HMAC select CRYPTO_HMAC
help help
Enable the HMAC DRBG variant as defined in NIST SP800-90A. Enable the HMAC DRBG variant as defined in NIST SP800-90A.
config CRYPTO_DRBG_HASH config CRYPTO_DRBG_HASH
bool "Enable Hash DRBG" bool "Enable Hash DRBG"
depends on CRYTPO_DRBG
select CRYPTO_HASH select CRYPTO_HASH
help help
Enable the Hash DRBG variant as defined in NIST SP800-90A. Enable the Hash DRBG variant as defined in NIST SP800-90A.
config CRYPTO_DRBG_CTR config CRYPTO_DRBG_CTR
bool "Enable CTR DRBG" bool "Enable CTR DRBG"
depends on CRYTPO_DRBG
select CRYPTO_AES select CRYPTO_AES
help help
Enable the CTR DRBG variant as defined in NIST SP800-90A. Enable the CTR DRBG variant as defined in NIST SP800-90A.
endif #CRYTPO_DRBG config CRYPTO_DRBG
tristate
default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR)
select CRYPTO_RNG
endif # if CRYPTO_DRBG_MENU
config CRYPTO_USER_API config CRYPTO_USER_API
tristate tristate
......
...@@ -92,7 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o ...@@ -92,7 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o
obj-$(CONFIG_CRYPTO_RNG2) += rng.o obj-$(CONFIG_CRYPTO_RNG2) += rng.o
obj-$(CONFIG_CRYPTO_RNG2) += krng.o obj-$(CONFIG_CRYPTO_RNG2) += krng.o
obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
obj-$(CONFIG_CRYTPO_DRBG) += drbg.o obj-$(CONFIG_CRYPTO_DRBG) += drbg.o
obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o
obj-$(CONFIG_CRYPTO_USER_API) += af_alg.o obj-$(CONFIG_CRYPTO_USER_API) += af_alg.o
......
...@@ -99,12 +99,6 @@ ...@@ -99,12 +99,6 @@
#include <crypto/drbg.h> #include <crypto/drbg.h>
#if !defined(CONFIG_CRYPTO_DRBG_HASH) && \
!defined(CONFIG_CRYPTO_DRBG_HMAC) && \
!defined(CONFIG_CRYPTO_DRBG_CTR)
#warning "The DRBG code is useless without compiling at least one DRBG type"
#endif
/*************************************************************** /***************************************************************
* Backend cipher definitions available to DRBG * Backend cipher definitions available to DRBG
***************************************************************/ ***************************************************************/
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment