From 7e27936767c1b018057c83f72246edeabe888fba Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 3 Oct 2019 14:21:39 +0200
Subject: [PATCH] Add a note about CTR_DRBG security strength to config.h

---
 include/mbedtls/config.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 4974f4774..a4db6ba49 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1304,6 +1304,10 @@
  * The CTR_DRBG generator uses AES-256 by default.
  * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
  *
+ * \note To achieve a 256-bit security strength with CTR_DRBG,
+ *       you must use AES-256 *and* use sufficient entropy.
+ *       See ctr_drbg.h for more details.
+ *
  * Module:  library/ctr_drbg.c
  * Caller:
  *