crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode

The kernel provides implementations of the NIST ECDSA signature verification primitives. For key sizes of 256 and 384 bits respectively they are approved and can be enabled in FIPS mode. Do so. Signed-off-by: N Nicolai Stange <nstange@suse.de> Signed-off-by: N Vladis Dronov <vdronov@redhat.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>

crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
The kernel provides implementations of the NIST ECDSA signature verification primitives. For key sizes of 256 and 384 bits respectively they are approved and can be enabled in FIPS mode. Do so. Signed-off-by: N Nicolai Stange <nstange@suse.de> Signed-off-by: N Vladis Dronov <vdronov@redhat.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>
c27b2d20 · Nicolai Stange · Herbert Xu · 2912eb9b · c27b2d20
显示空白变更内容
内联并排

Showing with 2 addition and 0 deletion

crypto/testmgr.c crypto/testmgr.c +2 -0

未找到文件。
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "ecdsa-nist-p256",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p256_tv_template)
 		}
 	}, {
 		.alg = "ecdsa-nist-p384",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p384_tv_template)
 		}