]> Git Repo - linux.git/commitdiff
crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
authorNicolai Stange <[email protected]>
Thu, 29 Dec 2022 21:17:10 +0000 (22:17 +0100)
committerHerbert Xu <[email protected]>
Fri, 6 Jan 2023 09:15:47 +0000 (17:15 +0800)
The kernel provides implementations of the NIST ECDSA signature
verification primitives. For key sizes of 256 and 384 bits respectively
they are approved and can be enabled in FIPS mode. Do so.

Signed-off-by: Nicolai Stange <[email protected]>
Signed-off-by: Vladis Dronov <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
crypto/testmgr.c

index a223cf5f36269abeed4a30f71a31d8734b8a4427..795c4858c7418f938db2cdaa44fd26985a8e007e 100644 (file)
@@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = {
        }, {
                .alg = "ecdsa-nist-p256",
                .test = alg_test_akcipher,
+               .fips_allowed = 1,
                .suite = {
                        .akcipher = __VECS(ecdsa_nist_p256_tv_template)
                }
        }, {
                .alg = "ecdsa-nist-p384",
                .test = alg_test_akcipher,
+               .fips_allowed = 1,
                .suite = {
                        .akcipher = __VECS(ecdsa_nist_p384_tv_template)
                }
This page took 0.061474 seconds and 4 git commands to generate.