On Tue, Feb 01, 2022 at 09:40:24AM +0100, Stephan Müller wrote: > Hi, > > this is patch set version 2 for adding the HMAC limitation to disallow > keys < 112 bits in FIPS mode. > > Version 2 changes: > > As requested, instead of ifdef'ing test vectors out that violate the > constraint added with this patch set, they are compiled but disabled in > FIPS mode based on the .fips_skip flag. > > The first patch adds the generic support for the fips_skip flag to > hashes / HMAC test vectors similarly to the support found for symmetric > algorithms. > > The second patch uses the fips_skip flag to mark offending test vectors. > > Stephan Mueller (2): > crypto: HMAC - add fips_skip support > crypto: HMAC - disallow keys < 112 bits in FIPS mode > > crypto/hmac.c | 4 ++++ > crypto/testmgr.c | 3 +++ > crypto/testmgr.h | 11 +++++++++++ > 3 files changed, 18 insertions(+) All applied. Thanks. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
