* [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Gilad Ben-Yossef @ 2018-11-04 10:05 UTC
To: Herbert Xu, David S. Miller
Cc: Ofir Drang, Yael Chemla, linux-crypto, linux-kernel
As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
allowed as a FIPS mode algorithm. Mark it as such.
[1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
---
crypto/testmgr.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index b1f79c6..1a371d01 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2805,6 +2805,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "cts(cbc(aes))",
.test = alg_test_skcipher,
+ .fips_allowed = 1,
.suite = {
.cipher = __VECS(cts_mode_tv_template)
}
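Review bot: the `.fips_allowed = 1,` line next to `.alg = "cts(cbc(aes))"` is only defensible if a reviewer can tell which ciphertext-stealing variant is being approved, and neither this hunk nor (per the thread) the cts source says so: the SP800-38A addendum defines three CBC-CS variants and the implementation cites only RFCs. Suggest adding a one-line comment beside the flag, or at the top of the cts implementation, stating that the kernel's cts template is CBC-CS3 and citing the addendum, and repeating that sentence in the commit message so the FIPS justification is traceable without reading the code.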
--
2.7.4
* Re: [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Stephan Mueller @ 2018-11-05 8:50 UTC
To: Gilad Ben-Yossef
Cc: Herbert Xu, David S. Miller, Ofir Drang, Yael Chemla,
linux-crypto, linux-kernel
On Sunday, 4 November 2018, 11:05:24 CET, Gilad Ben-Yossef wrote:
Hi Gilad,
> As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
> allowed as a FIPS mode algorithm. Mark it as such.
>
> [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
There are several types of CTS approaches. Only three of those are listed in
the SP800-38A addendum. The source code only refers to some RFCs.
Did you check whether the CTS implementation matches one or more of the types
listed in the addendum? If yes, may I suggest to add a small statement in the
code noting this fact?
Thanks a lot.
Ciao
Stephan
* Re: [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Gilad Ben-Yossef @ 2018-11-05 9:18 UTC
To: Stephan Müller
Cc: Herbert Xu, David Miller, Ofir Drang, Yael Chemla,
Linux Crypto Mailing List, Linux kernel mailing list
Hi Stephan,
On Mon, Nov 5, 2018 at 10:50 AM Stephan Mueller <smueller@chronox.de> wrote:
>
> On Sunday, 4 November 2018, 11:05:24 CET, Gilad Ben-Yossef wrote:
>
> Hi Gilad,
>
> > As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
> > allowed as a FIPS mode algorithm. Mark it as such.
> >
> > [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
>
> There are several types of CTS approaches. Only three of those are listed in
> the SP800-38A addendum. The source code only refers to some RFCs.
>
> Did you check whether the CTS implementation matches one or more of the types
> listed in the addendum? If yes, may I suggest to add a small statement in the
> code noting this fact?
Yes, AFAIK the software implements CBC-CS3 as described in the document.
You have a very good point about this not being documented anywhere. I will
send a patch.
While we're at it, does someone find it useful if I implemented the
other two modes?
They are part of the standard as well, although I am not sure that in
itself is sufficient cause.
Gilad
--
Gilad Ben-Yossef
Chief Coffee Drinker
values of β will give rise to dom!
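Stephan's question (which of the three CBC-CS variants in the SP800-38A addendum the code implements) and Gilad's answer (CBC-CS3) are easiest to check against a reference that makes the difference between the variants explicit. The following is an added example written for this page, not the kernel's crypto/cts.c and not code from any of the thread's participants: a Go implementation of CBC-CS1, CS2 and CS3 over the standard-library AES block cipher, plus the 32-byte AES-128 CBC-CS3 known-answer vector from RFC 3962 Appendix B. The three variants share the same CBC computation and differ only in the ordering of the final two ciphertext pieces, which is the property a FIPS reviewer needs to see. Assumptions of this example: inputs shorter than one block are rejected, an input of exactly one block is treated as plain CBC for every variant, and the function names (`CTSEncrypt`, `CTSDecrypt`, `RFC3962KAT`) are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"errors"
	"fmt"
)

// Variant selects one of the three CBC ciphertext-stealing orderings in the
// SP800-38A addendum. All three compute the same CBC blocks; they differ
// only in how the final two ciphertext pieces are ordered on the wire.
type Variant int

const (
	CS1 Variant = iota + 1 // natural order: C_{n-1} truncated to d bytes, then C_n
	CS2                    // as CS1 when the last block is full, swapped otherwise
	CS3                    // always swapped: C_n, then the truncated C_{n-1}
)

// swapLast reports whether the variant emits the final two pieces swapped.
func swapLast(v Variant, d, bs int) bool {
	switch v {
	case CS1:
		return false
	case CS2:
		return d != bs
	case CS3:
		return true
	}
	panic("unknown CTS variant")
}

// CTSEncrypt is CBC with ciphertext stealing; the output has exactly len(pt)
// bytes. Inputs shorter than one block are rejected and an input of exactly
// one block is plain CBC for every variant (assumptions of this example).
func CTSEncrypt(b cipher.Block, v Variant, iv, pt []byte) ([]byte, error) {
	bs := b.BlockSize()
	if len(pt) < bs {
		return nil, errors.New("cts: input shorter than one block")
	}
	n := (len(pt) + bs - 1) / bs // block count, the last one possibly partial
	d := len(pt) - (n-1)*bs      // bytes in the last block, 1..bs
	padded := make([]byte, n*bs) // zero-pad P_n; the pad bytes never reach the output
	copy(padded, pt)
	cbc := make([]byte, n*bs)
	cipher.NewCBCEncrypter(b, iv).CryptBlocks(cbc, padded)
	if n == 1 {
		return cbc, nil
	}
	head := cbc[:(n-2)*bs]
	cPrev := cbc[(n-2)*bs : (n-2)*bs+d] // C_{n-1} with its last bs-d bytes "stolen"
	cLast := cbc[(n-1)*bs:]
	out := append([]byte{}, head...)
	if swapLast(v, d, bs) {
		return append(append(out, cLast...), cPrev...), nil
	}
	return append(append(out, cPrev...), cLast...), nil
}

// CTSDecrypt inverts CTSEncrypt for the same variant, IV and key.
func CTSDecrypt(b cipher.Block, v Variant, iv, ct []byte) ([]byte, error) {
	bs := b.BlockSize()
	if len(ct) < bs {
		return nil, errors.New("cts: input shorter than one block")
	}
	n := (len(ct) + bs - 1) / bs
	d := len(ct) - (n-1)*bs
	pt := make([]byte, len(ct))
	if n == 1 {
		cipher.NewCBCDecrypter(b, iv).CryptBlocks(pt, ct)
		return pt, nil
	}
	tail := ct[(n-2)*bs:] // the last d+bs bytes hold C_n and the truncated C_{n-1}
	var cPrev, cLast []byte
	if swapLast(v, d, bs) {
		cLast, cPrev = tail[:bs], tail[bs:]
	} else {
		cPrev, cLast = tail[:d], tail[d:]
	}
	// X = D(C_n) = (P_n || 0) XOR C_{n-1}: the stolen bytes of C_{n-1} are
	// X[d:], and the partial plaintext block is X[:d] XOR C_{n-1}[:d].
	x := make([]byte, bs)
	b.Decrypt(x, cLast)
	cPrevFull := append(append([]byte{}, cPrev...), x[d:]...)
	full := append(append([]byte{}, ct[:(n-2)*bs]...), cPrevFull...)
	cipher.NewCBCDecrypter(b, iv).CryptBlocks(pt[:(n-1)*bs], full)
	for i := 0; i < d; i++ {
		pt[(n-1)*bs+i] = x[i] ^ cPrevFull[i]
	}
	return pt, nil
}

// RFC3962KAT encrypts the 32-byte sample from RFC 3962 Appendix B (AES-128,
// key "chicken teriyaki", zero IV) with CS3 and returns the ciphertext hex.
func RFC3962KAT() string {
	blk, err := aes.NewCipher([]byte("chicken teriyaki"))
	if err != nil {
		panic(err)
	}
	ct, err := CTSEncrypt(blk, CS3, make([]byte, 16), []byte("I would like the General Gau's C"))
	if err != nil {
		panic(err)
	}
	return hex.EncodeToString(ct)
}

func main() {
	blk, _ := aes.NewCipher([]byte("chicken teriyaki"))
	iv := make([]byte, 16)
	pt := []byte("I would like the ") // 17 bytes: one full block plus one byte
	for _, v := range []Variant{CS1, CS2, CS3} {
		ct, _ := CTSEncrypt(blk, v, iv, pt)
		fmt.Printf("CS%d: %x\n", v, ct)
	}
	fmt.Println("RFC 3962 CS3 KAT:", RFC3962KAT())
}
```

Running `main` shows that CS2 and CS3 agree on a 17-byte input while CS1 differs only in the position of the single stolen byte; on a 32-byte input CS1 and CS2 reduce to plain CBC and only CS3 swaps the last two blocks, which is the behaviour a reviewer should compare against when deciding whether the kernel's cts template is CS3 and therefore which vectors from the addendum apply to it.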
* Re: [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Ard Biesheuvel @ 2018-11-05 10:20 UTC
To: Gilad Ben-Yossef
Cc: Stephan Müller, Herbert Xu, David Miller, Ofir Drang,
Yael Chemla, Linux Crypto Mailing List,
Linux kernel mailing list
On 5 November 2018 at 10:18, Gilad Ben-Yossef <gilad@benyossef.com> wrote:
> Hi Stephan,
>
> On Mon, Nov 5, 2018 at 10:50 AM Stephan Mueller <smueller@chronox.de> wrote:
>>
>> On Sunday, 4 November 2018, 11:05:24 CET, Gilad Ben-Yossef wrote:
>>
>> Hi Gilad,
>>
>> > As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
>> > allowed as a FIPS mode algorithm. Mark it as such.
>> >
>> > [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
>>
>> There are several types of CTS approaches. Only three of those are listed in
>> the SP800-38A addendum. The source code only refers to some RFCs.
>>
>> Did you check whether the CTS implementation matches one or more of the types
>> listed in the addendum? If yes, may I suggest to add a small statement in the
>> code noting this fact?
>
> Yes, AFAIK the software implements CBC-CS3 as described in the document.
> You have a very good point about this not being documented anywhere. I will
> send a patch.
>
I agree that it makes sense to document this.
> While we're at it, does someone find it useful if I implemented the
> other two modes?
> They are part of the standard as well, although I am not sure that in
> itself is sufficient cause.
>
Nope. The Linux crypto API is not a general-purpose cryptography
toolkit; it should only offer what we actually use in the kernel, or
we'll either end up with bitrot or with a disproportionate maintenance
burden for stuff nobody actually uses.
* Re: [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Stephan Mueller @ 2018-11-05 10:30 UTC
To: Ard Biesheuvel
Cc: Gilad Ben-Yossef, Herbert Xu, David Miller, Ofir Drang,
Yael Chemla, Linux Crypto Mailing List,
Linux kernel mailing list
On Monday, 5 November 2018, 11:20:28 CET, Ard Biesheuvel wrote:
Hi Ard, Gilad,
> On 5 November 2018 at 10:18, Gilad Ben-Yossef <gilad@benyossef.com> wrote:
> > Hi Stephan,
> >
> > On Mon, Nov 5, 2018 at 10:50 AM Stephan Mueller <smueller@chronox.de> wrote:
> >> On Sunday, 4 November 2018, 11:05:24 CET, Gilad Ben-Yossef wrote:
> >>
> >> Hi Gilad,
> >>
> >> > As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
> >> > allowed as a FIPS mode algorithm. Mark it as such.
> >> >
> >> > [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
> >>
> >> There are several types of CTS approaches. Only three of those are listed
> >> in the SP800-38A addendum. The source code only refers to some RFCs.
> >>
> >> Did you check whether the CTS implementation matches one or more of the
> >> types listed in the addendum? If yes, may I suggest to add a small
> >> statement in the code noting this fact?
> >
> > Yes, AFAIK the software implements CBC-CS3 as described in the document.
> > You have a very good point about this not being documented anywhere. I will
> > send a patch.
>
> I agree that it makes sense to document this.
Thanks for adding this. With this statement, the initial patch of adding the
fips_allowed flag is:
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Ciao
Stephan
* Re: [PATCH] crypto: mark cts(cbc(aes)) as FIPS allowed
From: Herbert Xu @ 2018-11-09 9:54 UTC
To: Gilad Ben-Yossef
Cc: David S. Miller, Ofir Drang, Yael Chemla, linux-crypto, linux-kernel
On Sun, Nov 04, 2018 at 10:05:24AM +0000, Gilad Ben-Yossef wrote:
> As per SP800-38A addendum from Oct 2010[1], cts(cbc(aes)) is
> allowed as a FIPS mode algorithm. Mark it as such.
>
> [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
>
> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
> ---
> crypto/testmgr.c | 1 +
> 1 file changed, 1 insertion(+)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt