From patchwork Mon Oct 30 12:05:15 2023
X-Patchwork-Submitter: Dimitri John Ledkov
X-Patchwork-Id: 159700
From: Dimitri John Ledkov
To: Herbert Xu, "David S. Miller"
Cc: smueller@chronox.de, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 3/4] crypto: drbg - ensure drbg hmac sha512 is used in FIPS selftests
Date: Mon, 30 Oct 2023 14:05:15 +0200
Message-Id: <20231030120517.39424-4-dimitri.ledkov@canonical.com>
In-Reply-To: <20231030120517.39424-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> <20231030120517.39424-1-dimitri.ledkov@canonical.com>

Update code comment, self test & healthcheck to use HMAC SHA512,
instead of HMAC SHA256. These changes are in dead-code, or FIPS
enabled code-paths only and have no effect on usual kernel builds.

On systems booting in FIPS mode that has the effect of switching the
sanity selftest to HMAC sha512 based (which has been the default DRBG).

This patch updates code from 9b7b94683a ("crypto: DRBG - switch to
HMAC SHA512 DRBG as default DRBG"), but is not interesting to
cherry-pick for stable updates, because it doesn't affect regular
builds, nor has any tangible effect on FIPS certification.

Signed-off-by: Dimitri John Ledkov
Reviewed-by: Stephan Mueller
---
 crypto/drbg.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/drbg.c b/crypto/drbg.c index b120e2866b..99666193d9 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -111,9 +111,9 @@ * as stdrng. Each DRBG receives an increasing cra_priority values the later * they are defined in this array (see drbg_fill_array). * - * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and - * the SHA256 / AES 256 over other ciphers. Thus, the favored - * DRBGs are the latest entries in this array. + * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and the + * HMAC-SHA512 / SHA256 / AES 256 over other ciphers. Thus, the + * favored DRBGs are the latest entries in this array. */ static const struct drbg_core drbg_cores[] = { #ifdef CONFIG_CRYPTO_DRBG_CTR @@ -1475,8 +1475,8 @@ static int drbg_generate(struct drbg_state *drbg, int err = 0; pr_devel("DRBG: start to perform self test\n"); if (drbg->core->flags & DRBG_HMAC) - err = alg_test("drbg_pr_hmac_sha256", - "drbg_pr_hmac_sha256", 0, 0); + err = alg_test("drbg_pr_hmac_sha512", + "drbg_pr_hmac_sha512", 0, 0); else if (drbg->core->flags & DRBG_CTR) err = alg_test("drbg_pr_ctr_aes256", "drbg_pr_ctr_aes256", 0, 0); @@ -2023,7 +2023,7 @@ static inline int __init drbg_healthcheck_sanity(void) drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); #endif #ifdef CONFIG_CRYPTO_DRBG_HMAC - drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr); + drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr); #endif drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL);
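
Review bot: in the first hunk (the comment above drbg_cores), the new wording "HMAC-SHA512 / SHA256 / AES 256 over other ciphers" mixes one fully qualified name with two bare ones, so it is unclear whether "SHA256" now refers only to the Hash DRBG or still to an HMAC variant as well. Consider naming the preferred primitive per DRBG type, for example "HMAC-SHA512 for HMAC DRBGs, SHA256 for Hash DRBGs, AES 256 for CTR DRBGs", so the comment cannot be read as still favoring HMAC-SHA256.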
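
Review bot: in the drbg_generate hunk, the branch is selected on the DRBG_HMAC flag alone while the name passed to alg_test is the fixed string "drbg_pr_hmac_sha512", so the self test exercises that one core regardless of which HMAC core drbg->core points at. A short comment saying this is intentional would help. The commit message should also confirm that testmgr carries test vectors under the new name, because nothing in this hunk shows that the renamed test does work equivalent to the "drbg_pr_hmac_sha256" test it replaces.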
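
Review bot: in the drbg_healthcheck_sanity hunk, the drbg_convert_tfm_core calls are bare statements under successive #ifdef blocks that all write the same coreref, so the core that gets health checked is whichever enabled block comes last, and nothing here verifies that "drbg_nopr_hmac_sha512" actually matched an entry. Suggest a brief comment stating that later blocks intentionally override earlier ones, plus a check that a core was selected before the kzalloc of drbg, so a mistyped or renamed algorithm string does not silently fall back to the previous assignment.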