* [PATCH] crypto: fips: allow more ipsec related methods
@ 2016-02-09 9:32 Marcus Meissner
2016-02-09 13:44 ` Stephan Mueller
0 siblings, 1 reply; 2+ messages in thread
From: Marcus Meissner @ 2016-02-09 9:32 UTC (permalink / raw)
To: herbert, davem, linux-crypto, linux-kernel, smueller; +Cc: Marcus Meissner
IPSEC for aes-ctr requests:
authenc(digest_null,rfc3686(ctr(aes)))
which can be used in FIPS mode.
rfc3686(ctr(aes)) is already allowed for FIPS usage.
I also allowed "digest_null" for FIPS usage.
Signed-off-by: Marcus Meissner <meissner@suse.de>
---
crypto/testmgr.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 190a290..6ad8ba2 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "authenc(digest_null,rfc3686(ctr(aes)))",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "authenc(hmac(md5),ecb(cipher_null))",
.test = alg_test_aead,
.suite = {
@@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "digest_null",
.test = alg_test_null,
+ .fips_allowed = 1,
}, {
.alg = "drbg_nopr_ctr_aes128",
.test = alg_test_drbg,
--
2.1.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] crypto: fips: allow more ipsec related methods
2016-02-09 9:32 [PATCH] crypto: fips: allow more ipsec related methods Marcus Meissner
@ 2016-02-09 13:44 ` Stephan Mueller
0 siblings, 0 replies; 2+ messages in thread
From: Stephan Mueller @ 2016-02-09 13:44 UTC (permalink / raw)
To: Marcus Meissner; +Cc: herbert, davem, linux-crypto, linux-kernel
Am Dienstag, 9. Februar 2016, 10:32:37 schrieb Marcus Meissner:
Hi Marcus,
>IPSEC for aes-ctr requests:
>
> authenc(digest_null,rfc3686(ctr(aes)))
>
>which can be used in FIPS mode.
>
>rfc3686(ctr(aes)) is already allowed for FIPS usage.
>
>I also allowed "digest_null" for FIPS usage.
>
>Signed-off-by: Marcus Meissner <meissner@suse.de>
I am sorry, but I would say NACK here.
The reason is that the authenc() ciphers are AEAD ciphers. Such ciphers are
defined to be allowed for FIPS 140-2 usage in SP800-38F. But that SP only
allows ciphers if there is an authentication (i.e. a MAC) involved. With the
added authenc() algo, there seems to be no MAC.
In addition, the NULL cipher definitely cannot be considered allowed in FIPS
mode.
>---
> crypto/testmgr.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
>diff --git a/crypto/testmgr.c b/crypto/testmgr.c
>index 190a290..6ad8ba2 100644
>--- a/crypto/testmgr.c
>+++ b/crypto/testmgr.c
>@@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = {
>}
> }
> }, {
>+ .alg = "authenc(digest_null,rfc3686(ctr(aes)))",
>+ .test = alg_test_null,
>+ .fips_allowed = 1,
>+ }, {
> .alg = "authenc(hmac(md5),ecb(cipher_null))",
> .test = alg_test_aead,
> .suite = {
>@@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = {
> }, {
> .alg = "digest_null",
> .test = alg_test_null,
>+ .fips_allowed = 1,
> }, {
> .alg = "drbg_nopr_ctr_aes128",
> .test = alg_test_drbg,
Ciao
Stephan
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-02-09 13:45 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-09 9:32 [PATCH] crypto: fips: allow more ipsec related methods Marcus Meissner
2016-02-09 13:44 ` Stephan Mueller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.