Hi Herbert,

Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> writes:

> On Fri, Jan 07, 2022 at 01:44:34PM +1100, Herbert Xu wrote:
>>
>> I'm already writing this up for sha1 anyway so let me polish it
>> off and I'll post it soon which you can then reuse it for dh.
>
> Here is something that seems to work for sha1/hmac. Please let
> me know if you see any issues with this approach for dh.
>
> Thanks,
>
> ---8<---
> Currently we do not distinguish between algorithms that fail on
> the self-test vs. those which are disabled in FIPS mode (not allowed).
> Both are marked as having failed the self-test.
>
> As it has been requested that we need to disable sha1 in FIPS
> mode while still allowing hmac(sha1) this approach needs to change.
>
> This patch allows this scenario by adding a new flag FIPS_INTERNAL
> to indicate those algorithms that have passed the self-test and are
> not FIPS-allowed. They can then be used for the self-testing of
> other algorithms or by those that are explicitly allowed to use them
> (currently just hmac).

I haven't tried, but wouldn't this allow the instantiation of e.g.
hmac(blake2s-256) in FIPS mode?

Thanks,

Nicolai

>
> Note that as a side-effect of this patch algorithms which are not
> FIPS-allowed will now return ENOENT instead of ELIBBAD. Hopefully
> this is not an issue as some people were relying on this already.
>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>

--
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
(HRB 36809, AG Nürnberg), GF: Ivo Totev