diff options
| author | Nicolai Stange <nstange@suse.de> | 2022-12-29 22:17:10 +0100 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2023-01-06 17:15:47 +0800 |
| commit | c27b2d2012e1826674255b9e45b61c172a267e1c (patch) | |
| tree | 8225b91f54e69a3e49604c97214c1468c9273e80 /crypto | |
| parent | 2912eb9b17ac29facd799ffe05fdb7cf10017e82 (diff) | |
| download | linux-c27b2d2012e1826674255b9e45b61c172a267e1c.tar.gz | |
crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
The kernel provides implementations of the NIST ECDSA signature
verification primitives. For key sizes of 256 and 384 bits respectively
they are approved and can be enabled in FIPS mode. Do so.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/testmgr.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a223cf5f36269a..795c4858c7418f 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ecdsa-nist-p256", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p256_tv_template) } }, { .alg = "ecdsa-nist-p384", .test = alg_test_akcipher, + .fips_allowed = 1, .suite = { .akcipher = __VECS(ecdsa_nist_p384_tv_template) } |