narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
opengnsys_ipxe/src
History
Michael Brown 8d038040ea [rng] Choose HMAC_DRBG using SHA-256 as the DRBG algorithm 
Both HMAC_DRBG using SHA-1 and HMAC_DRBG using SHA-256 are Approved
algorithms in ANS X9.82 for our chosen security strength of 128 bits.
However, general recommendations (see e.g. NIST SP800-57) are to use a
larger hash function in preference to SHA-1.

Since SHA-256 is required anyway for TLSv1.2 support, there is no code
size penalty for switching HMAC_DRBG to also use SHA-256.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
 		2012-03-06 13:42:06 +00:00
..
arch [x86_64] Use memory address constraint in __bswap_16s() 2012-03-04 21:46:45 +00:00
bin Rename .cvsignore files to .gitignore 2007-06-09 22:57:00 +01:00
config [vmware] Add VMware logfile console (CONSOLE_VMWARE) 2012-02-28 23:10:02 +00:00
core [syslog] Separate out generic line-based console functionality 2012-02-28 23:10:01 +00:00
crypto [rng] Allow HMAC_DRBG to use multiple underlying hash algorithms 2012-03-06 13:12:30 +00:00
doc [build] Rename gPXE to iPXE 2010-04-19 23:43:39 +01:00
drivers [snpnet] Give up entirely on the transmit queue 2012-02-12 13:57:07 +00:00
hci [image] Eliminate the register_and_xxx_image() functions 2011-10-25 01:41:41 +01:00
image [efi] Add iPXE download protocol 2012-02-15 12:08:39 +00:00
include [rng] Choose HMAC_DRBG using SHA-256 as the DRBG algorithm 2012-03-06 13:42:06 +00:00
interface [efi] Add iPXE download protocol 2012-02-15 12:08:39 +00:00
libgcc [build] Mark __intel_new_proc_init with __libgcc rather than cdecl 2009-08-03 15:56:10 +01:00
net [tls] Formalise the definition of a TLS cipher suite 2012-03-05 23:13:52 +00:00
tests [rng] Add NIST self-tests for HMAC_DRBG using SHA-256 2012-03-06 13:34:22 +00:00
usr [lotest] Accept non-loopback packets during test 2011-12-08 00:30:28 +00:00
util [build] Include UNDI PCI driver within all-drivers build 2011-11-16 00:22:30 +00:00
.gitignore [build] Add support for local configuration files 2010-03-26 19:07:22 +00:00
Makefile [tg3] New tg3 driver 2012-01-30 23:10:53 +00:00
Makefile.housekeeping [build] Avoid using -ffunction-sections on some older versions of gcc 2011-06-29 11:48:29 +01:00
doxygen.cfg [build] Remove PACKED macro 2010-05-29 23:49:47 +01:00