Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-27 Thread Herbert Xu 
On Fri, Feb 19, 2016 at 01:34:28PM +0100, Marcus Meissner wrote:
> RFC 3686 CTR in various authenc methods.
> 
> rfc3686(ctr(aes)) is already marked fips compliant,
> so these should be fine.
> 
> Signed-off-by: Marcus Meissner 

Applied.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-27 Thread Herbert Xu 
On Fri, Feb 19, 2016 at 01:34:28PM +0100, Marcus Meissner wrote:
> RFC 3686 CTR in various authenc methods.
> 
> rfc3686(ctr(aes)) is already marked fips compliant,
> so these should be fine.
> 
> Signed-off-by: Marcus Meissner 

Applied.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-19 Thread Stephan Mueller 
Am Freitag, 19. Februar 2016, 13:34:28 schrieb Marcus Meissner:

Hi Marcus,

> RFC 3686 CTR in various authenc methods.
> 
> rfc3686(ctr(aes)) is already marked fips compliant,
> so these should be fine.
> 
> Signed-off-by: Marcus Meissner 

Acked-by: Stephan Mueller 
> ---
>  crypto/testmgr.c | 16 
>  1 file changed, 16 insertions(+)
> 
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index 190a290..5316d59 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { }
>   }
>   }, {
> + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha224),cbc(des))",
>   .test = alg_test_aead,
>   .suite = {
> @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha384),cbc(des))",
>   .test = alg_test_aead,
>   .suite = {
> @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha512),cbc(aes))",
>   .fips_allowed = 1,
>   .test = alg_test_aead,
> @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "cbc(aes)",
>   .test = alg_test_skcipher,
>   .fips_allowed = 1,


Ciao
Stephan

Re: [PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-19 Thread Stephan Mueller 
Am Freitag, 19. Februar 2016, 13:34:28 schrieb Marcus Meissner:

Hi Marcus,

> RFC 3686 CTR in various authenc methods.
> 
> rfc3686(ctr(aes)) is already marked fips compliant,
> so these should be fine.
> 
> Signed-off-by: Marcus Meissner 

Acked-by: Stephan Mueller 
> ---
>  crypto/testmgr.c | 16 
>  1 file changed, 16 insertions(+)
> 
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index 190a290..5316d59 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { }
>   }
>   }, {
> + .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha224),cbc(des))",
>   .test = alg_test_aead,
>   .suite = {
> @@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha384),cbc(des))",
>   .test = alg_test_aead,
>   .suite = {
> @@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "authenc(hmac(sha512),cbc(aes))",
>   .fips_allowed = 1,
>   .test = alg_test_aead,
> @@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] =
> { .test = alg_test_null,
>   .fips_allowed = 1,
>   }, {
> + .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
> + .test = alg_test_null,
> + .fips_allowed = 1,
> + }, {
>   .alg = "cbc(aes)",
>   .test = alg_test_skcipher,
>   .fips_allowed = 1,


Ciao
Stephan

[PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-19 Thread Marcus Meissner 
RFC 3686 CTR in various authenc methods.

rfc3686(ctr(aes)) is already marked fips compliant,
so these should be fine.

Signed-off-by: Marcus Meissner 
---
 crypto/testmgr.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 190a290..5316d59 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+   .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha224),cbc(des))",
.test = alg_test_aead,
.suite = {
@@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha384),cbc(des))",
.test = alg_test_aead,
.suite = {
@@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha512),cbc(aes))",
.fips_allowed = 1,
.test = alg_test_aead,
@@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "cbc(aes)",
.test = alg_test_skcipher,
.fips_allowed = 1,
-- 
2.1.4

[PATCH] crypto: allow rfc3686 aes-ctr variants in fips mode.

2016-02-19 Thread Marcus Meissner 
RFC 3686 CTR in various authenc methods.

rfc3686(ctr(aes)) is already marked fips compliant,
so these should be fine.

Signed-off-by: Marcus Meissner 
---
 crypto/testmgr.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 190a290..5316d59 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2167,6 +2167,10 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+   .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha224),cbc(des))",
.test = alg_test_aead,
.suite = {
@@ -2239,6 +2243,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha384),cbc(des))",
.test = alg_test_aead,
.suite = {
@@ -2270,6 +2278,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "authenc(hmac(sha512),cbc(aes))",
.fips_allowed = 1,
.test = alg_test_aead,
@@ -2315,6 +2327,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+   .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
+   .test = alg_test_null,
+   .fips_allowed = 1,
+   }, {
.alg = "cbc(aes)",
.test = alg_test_skcipher,
.fips_allowed = 1,
-- 
2.1.4