| Message ID | 1455010357-1295-1-git-send-email-meissner@suse.de (mailing list archive) |
|---|---|
| State | Rejected |
| Delegated to: | Herbert Xu |
| Headers | show |
Am Dienstag, 9. Februar 2016, 10:32:37 schrieb Marcus Meissner: Hi Marcus, >IPSEC for aes-ctr requests: > > authenc(digest_null,rfc3686(ctr(aes))) > >which can be used in FIPS mode. > >rfc3686(ctr(aes)) is already allowed for FIPS usage. > >I also allowed "digest_null" for FIPS usage. > >Signed-off-by: Marcus Meissner <meissner@suse.de> I am sorry, but I would say NACK here. The reason is that the authenc() ciphers are AEAD ciphers. Such ciphers are defined to be allowed for FIPS 140-2 usage in SP800-38F. But that SP only allows ciphers if there is an authentication (i.e. a MAC) involved. With the added authenc() algo, there seems to be no MAC. In addition, the NULL cipher definitely cannot be considered allowed in FIPS mode. >--- > crypto/testmgr.c | 5 +++++ > 1 file changed, 5 insertions(+) > >diff --git a/crypto/testmgr.c b/crypto/testmgr.c >index 190a290..6ad8ba2 100644 >--- a/crypto/testmgr.c >+++ b/crypto/testmgr.c >@@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = { >} > } > }, { >+ .alg = "authenc(digest_null,rfc3686(ctr(aes)))", >+ .test = alg_test_null, >+ .fips_allowed = 1, >+ }, { > .alg = "authenc(hmac(md5),ecb(cipher_null))", > .test = alg_test_aead, > .suite = { >@@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = { > }, { > .alg = "digest_null", > .test = alg_test_null, >+ .fips_allowed = 1, > }, { > .alg = "drbg_nopr_ctr_aes128", > .test = alg_test_drbg, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 190a290..6ad8ba2 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = { } } }, { + .alg = "authenc(digest_null,rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(md5),ecb(cipher_null))", .test = alg_test_aead, .suite = { @@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "digest_null", .test = alg_test_null, + .fips_allowed = 1, }, { .alg = "drbg_nopr_ctr_aes128", .test = alg_test_drbg,
IPSEC for aes-ctr requests: authenc(digest_null,rfc3686(ctr(aes))) which can be used in FIPS mode. rfc3686(ctr(aes)) is already allowed for FIPS usage. I also allowed "digest_null" for FIPS usage. Signed-off-by: Marcus Meissner <meissner@suse.de> --- crypto/testmgr.c | 5 +++++ 1 file changed, 5 insertions(+)