From patchwork Thu Dec 29 20:37:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladis Dronov X-Patchwork-Id: 637992 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3C1B7C3DA79 for ; Thu, 29 Dec 2022 20:39:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234101AbiL2Ujc (ORCPT ); Thu, 29 Dec 2022 15:39:32 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51746 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234121AbiL2Uiw (ORCPT ); Thu, 29 Dec 2022 15:38:52 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7DE2917051 for ; Thu, 29 Dec 2022 12:38:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1672346279; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=M/O7ovWlD6rDqALxE5fmNq+xJQTo2e2KoATZ05+fVUM=; b=i0mYWB8ZyU6WReOfsbQ2ZG9XEQeZEira0S6qdCVt7/Gvr46jKC5wDj5G2YSyrCv2qPfN+W 9tVAGVyp9AZs6P73DIWqzHC/m8c83mTn78Hy5fD/o8EMl/zgtrtMCZ9qxHGx3Rjfdqj+9H 4jCkB0iLxtkfg8Cp7LBYYq4OHxGNBzo= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-617-MPEltkLTPYOClQJQrA3BGA-1; Thu, 29 Dec 2022 15:37:56 -0500 X-MC-Unique: MPEltkLTPYOClQJQrA3BGA-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C499929ABA00; Thu, 29 Dec 2022 20:37:55 +0000 (UTC) Received: from rules.brq.redhat.com (ovpn-208-2.brq.redhat.com [10.40.208.2]) by smtp.corp.redhat.com (Postfix) with ESMTP id 97DAF112132C; Thu, 29 Dec 2022 20:37:53 +0000 (UTC) From: Vladis Dronov To: Herbert Xu , "David S . Miller" Cc: Nicolai Stange , Elliott Robert , Stephan Mueller , Eric Biggers , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Vladis Dronov Subject: [PATCH v2 6/6] crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode Date: Thu, 29 Dec 2022 21:37:08 +0100 Message-Id: <20221229203708.13628-7-vdronov@redhat.com> In-Reply-To: <20221229203708.13628-1-vdronov@redhat.com> References: <20221229203708.13628-1-vdronov@redhat.com> MIME-Version: 1.0 Content-type: text/plain X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Nicolai Stange The kernel provides implementations of the NIST ECDSA signature verification primitives. For key sizes of 256 and 384 bits respectively they are approved and can be enabled in FIPS mode. Do so. Signed-off-by: Nicolai Stange Signed-off-by: Vladis Dronov Reviewed-by: Eric Biggers --- crypto/testmgr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a223cf5f3626..795c4858c741 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ecdsa-nist-p256", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p256_tv_template) } }, { .alg = "ecdsa-nist-p384", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p384_tv_template) }