From f2c89a10de4fd123a3d15223d26994f2fe1b95d8 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Fri, 4 Jul 2014 22:15:08 +0800 Subject: [PATCH] crypto: drbg - Use Kconfig to ensure at least one RNG option is set This patch removes the build-time test that ensures at least one RNG is set. Instead we will simply not build drbg if no options are set through Kconfig. This also fixes a typo in the name of the Kconfig option CRYTPO_DRBG (should be CRYPTO_DRBG). Signed-off-by: Herbert Xu --- crypto/Kconfig | 18 +++++++++--------- crypto/Makefile | 2 +- crypto/drbg.c | 6 ------ 3 files changed, 10 insertions(+), 16 deletions(-) diff --git a/crypto/Kconfig b/crypto/Kconfig index 1dca374bbd82..6345c470650d 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -23,7 +23,7 @@ comment "Crypto core or helper" config CRYPTO_FIPS bool "FIPS 200 compliance" - depends on (CRYPTO_ANSI_CPRNG || CRYTPO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS + depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS depends on MODULE_SIG help This options enables the fips boot option which is @@ -1394,39 +1394,39 @@ config CRYPTO_ANSI_CPRNG ANSI X9.31 A.2.4. Note that this option must be enabled if CRYPTO_FIPS is selected -menuconfig CRYTPO_DRBG +menuconfig CRYPTO_DRBG_MENU tristate "NIST SP800-90A DRBG" - depends on CRYPTO - select CRYPTO_RNG help NIST SP800-90A compliant DRBG. In the following submenu, one or more of the DRBG types must be selected. -if CRYTPO_DRBG +if CRYPTO_DRBG_MENU config CRYPTO_DRBG_HMAC bool "Enable HMAC DRBG" default y - depends on CRYTPO_DRBG select CRYPTO_HMAC help Enable the HMAC DRBG variant as defined in NIST SP800-90A. config CRYPTO_DRBG_HASH bool "Enable Hash DRBG" - depends on CRYTPO_DRBG select CRYPTO_HASH help Enable the Hash DRBG variant as defined in NIST SP800-90A. config CRYPTO_DRBG_CTR bool "Enable CTR DRBG" - depends on CRYTPO_DRBG select CRYPTO_AES help Enable the CTR DRBG variant as defined in NIST SP800-90A. -endif #CRYTPO_DRBG +config CRYPTO_DRBG + tristate + default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR) + select CRYPTO_RNG + +endif # if CRYPTO_DRBG_MENU config CRYPTO_USER_API tristate diff --git a/crypto/Makefile b/crypto/Makefile index bfa94fad315b..cfa57b3f5a4d 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -92,7 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o obj-$(CONFIG_CRYPTO_RNG2) += rng.o obj-$(CONFIG_CRYPTO_RNG2) += krng.o obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o -obj-$(CONFIG_CRYTPO_DRBG) += drbg.o +obj-$(CONFIG_CRYPTO_DRBG) += drbg.o obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o obj-$(CONFIG_CRYPTO_USER_API) += af_alg.o diff --git a/crypto/drbg.c b/crypto/drbg.c index d6621a6181d7..acc752373791 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -99,12 +99,6 @@ #include -#if !defined(CONFIG_CRYPTO_DRBG_HASH) && \ - !defined(CONFIG_CRYPTO_DRBG_HMAC) && \ - !defined(CONFIG_CRYPTO_DRBG_CTR) -#warning "The DRBG code is useless without compiling at least one DRBG type" -#endif - /*************************************************************** * Backend cipher definitions available to DRBG ***************************************************************/ -- GitLab