[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YdepEhTI/LB9wdJr@gondor.apana.org.au>
Date: Fri, 7 Jan 2022 13:44:34 +1100
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Stephan Mueller <smueller@...onox.de>
Cc: Nicolai Stange <nstange@...e.de>,
"David S. Miller" <davem@...emloft.net>,
Hannes Reinecke <hare@...e.de>, Torsten Duwe <duwe@...e.de>,
Zaibo Xu <xuzaibo@...wei.com>,
Giovanni Cabiddu <giovanni.cabiddu@...el.com>,
David Howells <dhowells@...hat.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
qat-linux@...el.com, keyrings@...r.kernel.org, simo@...hat.com
Subject: Re: [PATCH v2 03/18] crypto: dh - optimize domain parameter
serialization for well-known groups
On Thu, Jan 06, 2022 at 03:30:04PM +0100, Stephan Mueller wrote:
>
> This means in FIPS mode, invoking the algo of "dh" should not be possible.
> Yet, on the other hand, we cannot mark "dh" as fips_allowed == 0 as the
> templates would not be able to instantiate them.
Right, we have exactly the same problem with sha1 where sha1
per se should be not be allowed in FIPS mode but hmac(sha1)
should be.
> Therefore, I think we should mark "dh" as CRYPTO_ALG_INTERNAL if in FIPS mode.
I think the annotation should be added to testmgr.c. We could
mark dh and sha1 as not fips_allowed but allowed as the parameter
of a template. This could then be represented in the crypto_alg
object by a new flag.
This flag could then be set automatically in crypto_grab_* to
allow them to be picked up automatically for templates.
I'm already writing this up for sha1 anyway so let me polish it
off and I'll post it soon which you can then reuse it for dh.
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists