IPSEC for aes-ctr requests: authenc(digest_null,rfc3686(ctr(aes))) which can be used in FIPS mode. rfc3686(ctr(aes)) is already allowed for FIPS usage. I also allowed "digest_null" for FIPS usage. Signed-off-by: Marcus Meissner <meissner@xxxxxxx> --- crypto/testmgr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 190a290..6ad8ba2 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -2089,6 +2089,10 @@ static const struct alg_test_desc alg_test_descs[] = { } } }, { + .alg = "authenc(digest_null,rfc3686(ctr(aes)))", + .test = alg_test_null, + .fips_allowed = 1, + }, { .alg = "authenc(hmac(md5),ecb(cipher_null))", .test = alg_test_aead, .suite = { @@ -2768,6 +2772,7 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "digest_null", .test = alg_test_null, + .fips_allowed = 1, }, { .alg = "drbg_nopr_ctr_aes128", .test = alg_test_drbg, -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html