lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 6 Jan 2023 23:18:43 +0800
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     Vladis Dronov <vdronov@...hat.com>
Cc:     "David S . Miller" <davem@...emloft.net>,
        Nicolai Stange <nstange@...e.de>,
        Elliott Robert <elliott@....com>,
        Stephan Mueller <smueller@...onox.de>,
        Eric Biggers <ebiggers@...gle.com>,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 0/6] Trivial set of FIPS 140-3 related changes

On Thu, Dec 29, 2022 at 10:17:04PM +0100, Vladis Dronov wrote:
> Hi,
> 
> This patchset and cover letter was initially composed by Nicolai Stange
> and sent earlier as:
> 
> https://lore.kernel.org/r/20221108142025.13461-1-nstange@suse.de/
> with a subject: [PATCH 0/4] Trivial set of FIPS 140-3 related changes
> 
> I'm adding patches 2 and 3 which (I hope) resolve issues spotted by
> reviewers of previous version of the patchset. This new patchset should
> ease our future kernel work on the FIPS mode.
> 
> I'm quoting Nicolai's cover letter here:
> 
> > Hi all,
> > 
> > these four rather unrelated patches are basically a dump of some of the
> > more trivial changes required for working towards FIPS 140-3 conformance.
> > 
> > Please pick as you deem appropriate.
> > 
> > Thanks!
> > 
> > Nicolai
> 
> v2: fixed a block comment formatting
> 
> v3: "Reviewed-by: Eric Biggers" was copied from the v1 thread:
>     https://lore.kernel.org/r/Y6OXuT95MlkNanSR@sol.localdomain/
> 
> Nicolai Stange (4):
>   crypto: xts - restrict key lengths to approved values in FIPS mode
>   crypto: testmgr - disallow plain cbcmac(aes) in FIPS mode
>   crypto: testmgr - disallow plain ghash in FIPS mode
>   crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
> 
> Vladis Dronov (2):
>   crypto: xts - drop xts_check_key()
>   crypto: xts - drop redundant xts key check
> 
>  arch/s390/crypto/aes_s390.c                   |  4 ---
>  arch/s390/crypto/paes_s390.c                  |  2 +-
>  crypto/testmgr.c                              |  4 +--
>  drivers/crypto/atmel-aes.c                    |  2 +-
>  drivers/crypto/axis/artpec6_crypto.c          |  2 +-
>  drivers/crypto/cavium/cpt/cptvf_algs.c        |  8 +++---
>  .../crypto/cavium/nitrox/nitrox_skcipher.c    |  8 +++---
>  drivers/crypto/ccree/cc_cipher.c              |  2 +-
>  .../crypto/marvell/octeontx/otx_cptvf_algs.c  |  2 +-
>  .../marvell/octeontx2/otx2_cptvf_algs.c       |  2 +-
>  include/crypto/xts.h                          | 25 +++++++------------
>  11 files changed, 23 insertions(+), 38 deletions(-)
> 
> base-commit: b6bb9676f2165d518b35ba3bea5f1fcfc0d969bf
> -- 
> 2.38.1

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ