crypto: testmgr - mark xts(aes) as fips_allowed
We (Red Hat) are intending to include dm-crypt functionality, using xts(aes) for disk encryption, as part of an upcoming FIPS-140-2 certification effort, and xts(aes) *is* on the list of possible mode/cipher combinations that can be certified. To make that possible, we need to mark xts(aes) as fips_allowed in the crypto subsystem. A 'modprobe tcrypt mode=10' in fips mode shows xts(aes) self-tests passing successfully after this change. Signed-off-by: NJarod Wilson <jarod@redhat.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Showing
想要评论请 注册 或 登录