| Message ID | 20230117172006.8912-1-vdronov@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | crypto: testmgr - disallow certain DRBG hash functions in FIPS mode | expand |
Am Dienstag, 17. Januar 2023, 18:20:06 CET schrieb Vladis Dronov: Hi Vladis, > According to FIPS 140-3 IG, section D.R "Hash Functions Acceptable for > Use in the SP 800-90A DRBGs", modules certified after May 16th, 2023 > must not support the use of: SHA-224, SHA-384, SHA512-224, SHA512-256, > SHA3-224, SHA3-384. Disallow HMAC and HASH DRBGs using SHA-384 in FIPS > mode. > > Signed-off-by: Vladis Dronov <vdronov@redhat.com> Thank you very much for the patch! Reviewed-by: Stephan Müller <smueller@chronox.de> > --- > Some details: > > The following DRBG algos are defined in testmgr.c as of now: > > drbg_{no,}pr_ctr_aes128 > drbg_{no,}pr_ctr_aes192 > drbg_{no,}pr_ctr_aes256 > > drbg_{no,}pr_hmac_sha1 > drbg_{no,}pr_hmac_sha256 > drbg_{no,}pr_hmac_sha384 (disallow) > drbg_{no,}pr_hmac_sha512 > > drbg_{no,}pr_sha1 > drbg_{no,}pr_sha256 > drbg_{no,}pr_sha384 (disallow) > drbg_{no,}pr_sha512 > > Marked DRBGs should be disallowed in FIPS mode according to > the requirements above. > --- > crypto/testmgr.c | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index 4476ac97baa5..fbb53d961ea9 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -4782,7 +4782,6 @@ static const struct alg_test_desc alg_test_descs[] = { > }, { > /* covered by drbg_nopr_hmac_sha256 test */ > .alg = "drbg_nopr_hmac_sha384", > - .fips_allowed = 1, > .test = alg_test_null, > }, { > .alg = "drbg_nopr_hmac_sha512", > @@ -4805,7 +4804,6 @@ static const struct alg_test_desc alg_test_descs[] = { > }, { > /* covered by drbg_nopr_sha256 test */ > .alg = "drbg_nopr_sha384", > - .fips_allowed = 1, > .test = alg_test_null, > }, { > .alg = "drbg_nopr_sha512", > @@ -4841,7 +4839,6 @@ static const struct alg_test_desc alg_test_descs[] = { > }, { > /* covered by drbg_pr_hmac_sha256 test */ > .alg = "drbg_pr_hmac_sha384", > - .fips_allowed = 1, > .test = alg_test_null, > }, { > .alg = "drbg_pr_hmac_sha512", > @@ -4861,7 +4858,6 @@ static const struct alg_test_desc alg_test_descs[] = { > }, { > /* covered by drbg_pr_sha256 test */ > .alg = "drbg_pr_sha384", > - .fips_allowed = 1, > .test = alg_test_null, > }, { > .alg = "drbg_pr_sha512", Ciao Stephan
On Tue, Jan 17, 2023 at 06:20:06PM +0100, Vladis Dronov wrote: > According to FIPS 140-3 IG, section D.R "Hash Functions Acceptable for > Use in the SP 800-90A DRBGs", modules certified after May 16th, 2023 > must not support the use of: SHA-224, SHA-384, SHA512-224, SHA512-256, > SHA3-224, SHA3-384. Disallow HMAC and HASH DRBGs using SHA-384 in FIPS > mode. > > Signed-off-by: Vladis Dronov <vdronov@redhat.com> > --- > Some details: > > The following DRBG algos are defined in testmgr.c as of now: > > drbg_{no,}pr_ctr_aes128 > drbg_{no,}pr_ctr_aes192 > drbg_{no,}pr_ctr_aes256 > > drbg_{no,}pr_hmac_sha1 > drbg_{no,}pr_hmac_sha256 > drbg_{no,}pr_hmac_sha384 (disallow) > drbg_{no,}pr_hmac_sha512 > > drbg_{no,}pr_sha1 > drbg_{no,}pr_sha256 > drbg_{no,}pr_sha384 (disallow) > drbg_{no,}pr_sha512 > > Marked DRBGs should be disallowed in FIPS mode according to > the requirements above. > --- > crypto/testmgr.c | 4 ---- > 1 file changed, 4 deletions(-) Patch applied. Thanks.
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 4476ac97baa5..fbb53d961ea9 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -4782,7 +4782,6 @@ static const struct alg_test_desc alg_test_descs[] = { }, { /* covered by drbg_nopr_hmac_sha256 test */ .alg = "drbg_nopr_hmac_sha384", - .fips_allowed = 1, .test = alg_test_null, }, { .alg = "drbg_nopr_hmac_sha512", @@ -4805,7 +4804,6 @@ static const struct alg_test_desc alg_test_descs[] = { }, { /* covered by drbg_nopr_sha256 test */ .alg = "drbg_nopr_sha384", - .fips_allowed = 1, .test = alg_test_null, }, { .alg = "drbg_nopr_sha512", @@ -4841,7 +4839,6 @@ static const struct alg_test_desc alg_test_descs[] = { }, { /* covered by drbg_pr_hmac_sha256 test */ .alg = "drbg_pr_hmac_sha384", - .fips_allowed = 1, .test = alg_test_null, }, { .alg = "drbg_pr_hmac_sha512", @@ -4861,7 +4858,6 @@ static const struct alg_test_desc alg_test_descs[] = { }, { /* covered by drbg_pr_sha256 test */ .alg = "drbg_pr_sha384", - .fips_allowed = 1, .test = alg_test_null, }, { .alg = "drbg_pr_sha512",
According to FIPS 140-3 IG, section D.R "Hash Functions Acceptable for Use in the SP 800-90A DRBGs", modules certified after May 16th, 2023 must not support the use of: SHA-224, SHA-384, SHA512-224, SHA512-256, SHA3-224, SHA3-384. Disallow HMAC and HASH DRBGs using SHA-384 in FIPS mode. Signed-off-by: Vladis Dronov <vdronov@redhat.com> --- Some details: The following DRBG algos are defined in testmgr.c as of now: drbg_{no,}pr_ctr_aes128 drbg_{no,}pr_ctr_aes192 drbg_{no,}pr_ctr_aes256 drbg_{no,}pr_hmac_sha1 drbg_{no,}pr_hmac_sha256 drbg_{no,}pr_hmac_sha384 (disallow) drbg_{no,}pr_hmac_sha512 drbg_{no,}pr_sha1 drbg_{no,}pr_sha256 drbg_{no,}pr_sha384 (disallow) drbg_{no,}pr_sha512 Marked DRBGs should be disallowed in FIPS mode according to the requirements above. --- crypto/testmgr.c | 4 ---- 1 file changed, 4 deletions(-)