crypto: RSA - limit key size to 2048 in FIPS mode

Commit Message

Stephan Mueller Nov. 21, 2021, 2:31 p.m. UTC

FIPS disallows RSA with keys < 2048 bits. Thus, the kernel should
consider the enforcement of this limit.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
 crypto/rsa.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Herbert Xu Nov. 26, 2021, 5:32 a.m. UTC | #1

On Sun, Nov 21, 2021 at 03:31:27PM +0100, Stephan Müller wrote:
> FIPS disallows RSA with keys < 2048 bits. Thus, the kernel should
> consider the enforcement of this limit.
> 
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
>  crypto/rsa.c | 4 ++++
>  1 file changed, 4 insertions(+)

Patch applied.  Thanks.

Patch

diff --git a/crypto/rsa.c b/crypto/rsa.c
index 4cdbec95d077..39e04176b04b 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -5,6 +5,7 @@ 
  * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
  */
 
+#include <linux/fips.h>
 #include <linux/module.h>
 #include <linux/mpi.h>
 #include <crypto/internal/rsa.h>
@@ -144,6 +145,9 @@  static int rsa_check_key_length(unsigned int len)
 	case 512:
 	case 1024:
 	case 1536:
+		if (fips_enabled)
+			return -EINVAL;
+		fallthrough;
 	case 2048:
 	case 3072:
 	case 4096: