Hi, this is patch set version 2 for adding the HMAC limitation to disallow keys < 112 bits in FIPS mode. Version 2 changes: As requested, instead of ifdef'ing test vectors out that violate the constraint added with this patch set, they are compiled but disabled in FIPS mode based on the .fips_skip flag. The first patch adds the generic support for the fips_skip flag to hashes / HMAC test vectors similarly to the support found for symmetric algorithms. The second patch uses the fips_skip flag to mark offending test vectors. Stephan Mueller (2): crypto: HMAC - add fips_skip support crypto: HMAC - disallow keys < 112 bits in FIPS mode crypto/hmac.c | 4 ++++ crypto/testmgr.c | 3 +++ crypto/testmgr.h | 11 +++++++++++ 3 files changed, 18 insertions(+) -- 2.33.1
