From: Stephan Mueller <smueller@chronox.de>
To: Marcus Meissner <meissner@suse.de>
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] crypto: fips: allow more ipsec related methods
Date: Tue, 09 Feb 2016 14:44:59 +0100
Message-ID: <2476935.g0THXc6DOC@tauon.atsec.com>
In-Reply-To: <1455010357-1295-1-git-send-email-meissner@suse.de>
On Tuesday, 9 February 2016, 10:32:37, Marcus Meissner wrote:
Hi Marcus,
>IPSEC for aes-ctr requests:
>
> authenc(digest_null,rfc3686(ctr(aes)))
>
>which can be used in FIPS mode.
>
>rfc3686(ctr(aes)) is already allowed for FIPS usage.
>
>I also allowed "digest_null" for FIPS usage.
>
>Signed-off-by: Marcus Meissner <meissner@suse.de>
I am sorry, but I would say NACK here.
The reason is that the authenc() ciphers are AEAD ciphers. Such ciphers are
defined to be allowed for FIPS 140-2 usage in SP800-38F. But that SP only
allows ciphers if there is an authentication (i.e. a MAC) involved. With the
added authenc() algo, there seems to be no MAC.
In addition, the NULL cipher definitely cannot be considered allowed in FIPS
mode.
>---
> crypto/testmgr.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
>diff --git a/crypto/testmgr.c b/crypto/testmgr.c
>index 190a290..6ad8ba2 100644
>--- a/crypto/testmgr.c
>+++ b/crypto/testmgr.c
>@@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = {
>}
> }
> }, {
>+ .alg = "authenc(digest_null,rfc3686(ctr(aes)))",
>+ .test = alg_test_null,
>+ .fips_allowed = 1,
>+ }, {
> .alg = "authenc(hmac(md5),ecb(cipher_null))",
> .test = alg_test_aead,
> .suite = {
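Review bot: the new descriptor `.alg = "authenc(digest_null,rfc3686(ctr(aes)))"` sets `.fips_allowed = 1` while using `.test = alg_test_null`, so an algorithm being declared approved for FIPS mode gets no test vectors at all; the neighbouring authenc() entry in the same hunk is wired to `.test = alg_test_aead` with a `.suite`. Given that the authentication component here is digest_null, i.e. no MAC, the `.fips_allowed = 1` line should be dropped rather than the entry added untested.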
>@@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = {
> }, {
> .alg = "digest_null",
> .test = alg_test_null,
>+ .fips_allowed = 1,
> }, {
> .alg = "drbg_nopr_ctr_aes128",
> .test = alg_test_drbg,
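Review bot: adding `.fips_allowed = 1` to the `digest_null` descriptor marks a null hash as approved in FIPS mode, and its `.test` stays `alg_test_null`, so nothing exercises it; the commit message only states that digest_null was allowed without citing a standard or rationale. Either drop this line or document in the commit message which FIPS provision is taken to permit a null digest.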
Ciao
Stephan
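To make the objection concrete, the following is an added C example, not kernel code; the helper names `authenc_mac_component` and `fips_allowed_per_review` are hypothetical. It parses an authenc() template name such as the one in the patch, pulls out the authentication component, and applies the rule stated in the reply: digest_null is not approved, and an authenc() AEAD whose MAC slot is digest_null carries no MAC and is not approved either.

```c
#include <stdbool.h>
#include <string.h>

/* Extract the first top-level argument of an "authenc(MAC,CIPHER)" template
 * name, i.e. the authentication component, honouring nested parentheses such
 * as "hmac(sha1)". Returns false if the name is not a well-formed authenc(). */
static bool authenc_mac_component(const char *alg, char *out, size_t outlen)
{
	const char *start, *p;
	int depth = 0;
	size_t len;

	if (strncmp(alg, "authenc(", 8) != 0)
		return false;
	start = p = alg + 8;
	while (*p && !(*p == ',' && depth == 0)) {
		if (*p == '(')
			depth++;
		else if (*p == ')')
			depth--;
		p++;
	}
	if (*p != ',' || depth != 0)
		return false;
	len = (size_t)(p - start);
	if (len == 0 || len >= outlen)
		return false;
	memcpy(out, start, len);
	out[len] = '\0';
	return true;
}

/* The reply's rule as a predicate: "digest_null" is never approved, and an
 * authenc() AEAD only qualifies when its authentication component is a real
 * MAC. Other names defer to the table's own fips_allowed flag (constructed). */
static bool fips_allowed_per_review(const char *alg, bool table_fips_allowed)
{
	char mac[64];

	if (strcmp(alg, "digest_null") == 0)
		return false;
	if (strncmp(alg, "authenc(", 8) == 0) {
		if (!authenc_mac_component(alg, mac, sizeof(mac)))
			return false;	/* malformed template name */
		if (strcmp(mac, "digest_null") == 0)
			return false;	/* no MAC: not an approved AEAD */
	}
	return table_fips_allowed;
}
```

Running it over the two descriptors the patch touches rejects both, while an authenc() built on an HMAC with the same rfc3686(ctr(aes)) cipher passes the MAC rule and is left to the table flag.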