Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
On Fri, Feb 19, 2016 at 01:34:28PM +0100, Marcus Meissner wrote: > RFC 3686 CTR in various authenc methods. > > rfc3686(ctr(aes)) is already marked fips compliant, > so these should be fine. > > Signed-off-by: Marcus MeissnerApplied. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
On Fri, Feb 19, 2016 at 01:34:28PM +0100, Marcus Meissner wrote: > RFC 3686 CTR in various authenc methods. > > rfc3686(ctr(aes)) is already marked fips compliant, > so these should be fine. > > Signed-off-by: Marcus Meissner Applied. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
Am Freitag, 19. Februar 2016, 13:34:28 schrieb Marcus Meissner: Hi Marcus, > RFC 3686 CTR in various authenc methods. > > rfc3686(ctr(aes)) is already marked fips compliant, > so these should be fine. > > Signed-off-by: Marcus MeissnerAcked-by: Stephan Mueller > --- > crypto/testmgr.c | 16 > 1 file changed, 16 insertions(+) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index 190a290..5316d59 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = > { } > } > }, { > + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha224),cbc(des))", > .test = alg_test_aead, > .suite = { > @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha384),cbc(des))", > .test = alg_test_aead, > .suite = { > @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha512),cbc(aes))", > .fips_allowed = 1, > .test = alg_test_aead, > @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "cbc(aes)", > .test = alg_test_skcipher, > .fips_allowed = 1, Ciao Stephan
Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
Am Freitag, 19. Februar 2016, 13:34:28 schrieb Marcus Meissner: Hi Marcus, > RFC 3686 CTR in various authenc methods. > > rfc3686(ctr(aes)) is already marked fips compliant, > so these should be fine. > > Signed-off-by: Marcus Meissner Acked-by: Stephan Mueller > --- > crypto/testmgr.c | 16 > 1 file changed, 16 insertions(+) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index 190a290..5316d59 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = > { } > } > }, { > + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha224),cbc(des))", > .test = alg_test_aead, > .suite = { > @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha384),cbc(des))", > .test = alg_test_aead, > .suite = { > @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "authenc(hmac(sha512),cbc(aes))", > .fips_allowed = 1, > .test = alg_test_aead, > @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = > { .test = alg_test_null, > .fips_allowed = 1, > }, { > + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "cbc(aes)", > .test = alg_test_skcipher, > .fips_allowed = 1, Ciao Stephan
[PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
RFC 3686 CTR in various authenc methods. rfc3686(ctr(aes)) is already marked fips compliant, so these should be fine. Signed-off-by: Marcus Meissner--- crypto/testmgr.c | 16 1 file changed, 16 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 190a290..5316d59 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = { } } }, { + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha224),cbc(des))", .test = alg_test_aead, .suite = { @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha384),cbc(des))", .test = alg_test_aead, .suite = { @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha512),cbc(aes))", .fips_allowed = 1, .test = alg_test_aead, @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "cbc(aes)", .test = alg_test_skcipher, .fips_allowed = 1, -- 2.1.4
[PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.
RFC 3686 CTR in various authenc methods. rfc3686(ctr(aes)) is already marked fips compliant, so these should be fine. Signed-off-by: Marcus Meissner --- crypto/testmgr.c | 16 1 file changed, 16 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 190a290..5316d59 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = { } } }, { + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha224),cbc(des))", .test = alg_test_aead, .suite = { @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha384),cbc(des))", .test = alg_test_aead, .suite = { @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(sha512),cbc(aes))", .fips_allowed = 1, .test = alg_test_aead, @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "cbc(aes)", .test = alg_test_skcipher, .fips_allowed = 1, -- 2.1.4