From patchwork Tue Nov 8 14:20:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicolai Stange X-Patchwork-Id: 17061 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp2740714wru; Tue, 8 Nov 2022 06:27:58 -0800 (PST) X-Google-Smtp-Source: AMsMyM6xx4UMWV/j3sXnwb7Xqx7HjUOuRqmZgH91Vsr+BtoDBCR4OTXm8337TNN//NGksOtX21Hp X-Received: by 2002:a63:e446:0:b0:470:2c91:44c4 with SMTP id i6-20020a63e446000000b004702c9144c4mr23404733pgk.536.1667917678378; Tue, 08 Nov 2022 06:27:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1667917678; cv=none; d=google.com; s=arc-20160816; b=VYwWVkFmVsip3uyrDF+uaOc79gwxUizyX0IfIMtYYscLb5st7QpI3nVYWqnnaoAgJh DbOw93PvhGo3eR0e6v6gXoIGlWLNiKJpPZlYpqdnIFhulajyY2pC3WksfDcp5Frzlpyt 4hEZcqzbgptLGJwVGm0AVJu9FzEB1FRdtIOB9E7J9i1v/epeE9LSBuTRryIbmBbKwEBj 8GILA36NPgAHPrkHbpoT5sUiSxfQ0rojgPsKdzoUwDxPOjs/ujFgCRbqael3I2ykEMFb BfchKMRjhy02N/bJ3DO2bbd+TSbyVXjFSy5pvu4uBV0MaYtMJ/W6TL+ygL9ARsPWK6xM VxXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-signature; bh=3T0eeo4rDxCTZEodATTbmKUVD7KoHxSR9GUsWoJPUyA=; b=optnZxjV4EsXIF45VWOtDnFs6L0+GGAqES6x7HSAs+xcb6JeMwepReW0pypc4EqHNo FsC4iiFwwSHiWEBQ4isDkJpdgj6WBi3Fx36La70eNi5jaU39vwClFfoLFeIVA7uc5uqy psbpq9hRQJY4DKPMsKpaln2zyg7w+MMwsbZUrZxWOI7ua7b0wZzDfYWVJvL2JM5I4U3g +vvGZtlB38evlRfjUjDCC9vffqk3umufeD3XBkZzxdktucKOU/0KxqjvCHIRzUlMR3u0 qeEzRXNYevQ2HJon67VKPZ1QS4UNYR1w0mBeQcr+GnGixm/JRDXcNJwXuIOJSPa1vJnO gv/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=tlNczIRO; dkim=neutral (no key) header.i=@suse.de header.b=rNJym0SU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id pw4-20020a17090b278400b0020b0b8df3d2si12831744pjb.57.2022.11.08.06.27.44; Tue, 08 Nov 2022 06:27:58 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=tlNczIRO; dkim=neutral (no key) header.i=@suse.de header.b=rNJym0SU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235396AbiKHOVe (ORCPT + 99 others); Tue, 8 Nov 2022 09:21:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233895AbiKHOVL (ORCPT ); Tue, 8 Nov 2022 09:21:11 -0500 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8D4BEC8A30; Tue, 8 Nov 2022 06:21:03 -0800 (PST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 4DCF81FB84; Tue, 8 Nov 2022 14:21:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1667917262; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3T0eeo4rDxCTZEodATTbmKUVD7KoHxSR9GUsWoJPUyA=; b=tlNczIRO1IJ5wuS9cdVO5s3WPJFQ1XDcV9CAmgBCOXm0j7Y4dNGiaB1kqqudITvlvK7/6K ljvnrI5beWnDFxu6xg0IUAlLoEnRLuFPRy668Ju1tSwctagOgT4r8RYAgB9sjflJvM4xfs llStYI6EatCkLg/en3BWq9PAHd6cYxU= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1667917262; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3T0eeo4rDxCTZEodATTbmKUVD7KoHxSR9GUsWoJPUyA=; b=rNJym0SULVMg4fQl4TbvAqFcaF02Iv7fFma9H6oFWAxqttwZOuw+WZb5TKs8uK3857TPO/ 3SkUNT42aRuKcnAQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 3944813398; Tue, 8 Nov 2022 14:21:02 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id F5j2Dc5lamNJKQAAMHmgww (envelope-from ); Tue, 08 Nov 2022 14:21:02 +0000 From: Nicolai Stange To: Herbert Xu , "David S. Miller" Cc: Vladis Dronov , Stephan Mueller , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Nicolai Stange Subject: [PATCH 4/4] crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode Date: Tue, 8 Nov 2022 15:20:25 +0100 Message-Id: <20221108142025.13461-5-nstange@suse.de> X-Mailer: git-send-email 2.38.0 In-Reply-To: <20221108142025.13461-1-nstange@suse.de> References: <20221108142025.13461-1-nstange@suse.de> MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748938447366956659?= X-GMAIL-MSGID: =?utf-8?q?1748938447366956659?= The kernel provides implementations of the NIST ECDSA signature verification primitives. For key sizes of 256 and 384 bits respectively they are approved and can be enabled in FIPS mode. Do so. Signed-off-by: Nicolai Stange --- crypto/testmgr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 6d91a2acd119..f641f9c830d8 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ecdsa-nist-p256", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p256_tv_template) } }, { .alg = "ecdsa-nist-p384", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p384_tv_template) }