On Thu, Jan 06, 2022 at 03:30:04PM +0100, Stephan Mueller wrote:
>
> This means in FIPS mode, invoking the algo of "dh" should not be possible.
> Yet, on the other hand, we cannot mark "dh" as fips_allowed == 0 as the
> templates would not be able to instantiate them.

Right, we have exactly the same problem with sha1 where sha1 per se
should not be allowed in FIPS mode but hmac(sha1) should be.

> Therefore, I think we should mark "dh" as CRYPTO_ALG_INTERNAL if in FIPS mode.

I think the annotation should be added to testmgr.c. We could mark
dh and sha1 as not fips_allowed but allowed as the parameter of a
template. This could then be represented in the crypto_alg object
by a new flag. This flag could then be set automatically in
crypto_grab_* to allow them to be picked up automatically for
templates.

I'm already writing this up for sha1 anyway so let me polish it
off and I'll post it soon which you can then reuse for dh.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
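
The flag idea described in the message above, as a small user-space model (an added example, not kernel code and not the patch the message refers to): a direct lookup in FIPS mode cannot see an algorithm carrying the flag, while a template-style grab that sets the flag itself can. The flag name, its value, the registry contents and the model_* functions are all hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical flag: not allowed stand-alone in FIPS mode, but allowed
 * as the parameter of a template. */
#define MODEL_ALG_FIPS_TEMPLATE_ONLY 0x1u

struct model_alg {
    const char *name;
    unsigned int flags;
};

/* Constructed registry for the example, not the kernel's algorithm list. */
static const struct model_alg registry[] = {
    { "sha1",       MODEL_ALG_FIPS_TEMPLATE_ONLY },
    { "dh",         MODEL_ALG_FIPS_TEMPLATE_ONLY },
    { "hmac(sha1)", 0 },
    { "sha256",     0 },
};

static bool fips_enabled = true;

/* Type/mask matching: a candidate is accepted only if its flags agree
 * with `type` on every bit selected by `mask`. */
static const struct model_alg *model_lookup(const char *name,
                                            unsigned int type,
                                            unsigned int mask)
{
    /* In FIPS mode a caller that never mentions the flag gets it forced
     * into the mask, so flagged algorithms are invisible to that caller. */
    if (fips_enabled && !((type | mask) & MODEL_ALG_FIPS_TEMPLATE_ONLY))
        mask |= MODEL_ALG_FIPS_TEMPLATE_ONLY;

    for (size_t i = 0; i < sizeof(registry) / sizeof(registry[0]); i++) {
        const struct model_alg *alg = &registry[i];
        if (!strcmp(alg->name, name) && !((alg->flags ^ type) & mask))
            return alg;
    }
    return NULL;
}

/* Direct request by a user of the API. */
static const struct model_alg *model_alloc(const char *name)
{
    return model_lookup(name, 0, 0);
}

/* Template picking up its parameter: the flag is set in `type` but left
 * out of `mask`, so flagged and unflagged algorithms both match. */
static const struct model_alg *model_grab(const char *name)
{
    return model_lookup(name, MODEL_ALG_FIPS_TEMPLATE_ONLY, 0);
}
```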