Ability to force the Entropy module to use SHA-256 as its basis By default the SHA-512 module is used if both are available. On some systems, SHA-256 is the better choice. Contributed by: Gergely Budai

commit: 2ceda579893ceb23c5eb0d56df47dc235644e0f4 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Feb 06 15:55:25 2014 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Feb 06 15:55:25 2014 +0100
tree: 974f319e5d4ea077bfcda92497988cc1ceed1fa4
parent: cd6d69a414711be7a66f676f685aab007592dbbc [diff] [blame]
diff --git a/include/polarssl/ctr_drbg.h b/include/polarssl/ctr_drbg.h
index 756b5a3..8b0f38a 100644
--- a/include/polarssl/ctr_drbg.h
+++ b/include/polarssl/ctr_drbg.h

@@ -43,7 +43,7 @@
                                             /**< The seed length (counter + AES key)            */
 
 #if !defined(POLARSSL_CONFIG_OPTIONS)
-#if defined(POLARSSL_SHA512_C)
+#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
 #define CTR_DRBG_ENTROPY_LEN        48      /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
 #else
 #define CTR_DRBG_ENTROPY_LEN        32      /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
commit	2ceda579893ceb23c5eb0d56df47dc235644e0f4	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Feb 06 15:55:25 2014 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Feb 06 15:55:25 2014 +0100
tree	974f319e5d4ea077bfcda92497988cc1ceed1fa4
parent	cd6d69a414711be7a66f676f685aab007592dbbc [diff] [blame]