[PATCH] crypto: testmgr - Disable raw RSA in FIPS mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



As FIPS is only able to verify the compliance of pkcs1pad the
underlying "rsa" algorithm should not be marked as fips_allowed.

Reported-by: Clemens Lang <cllang@xxxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index dd748832ed4a..6fbb56c6bd4c 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5467,7 +5467,6 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "rsa",
 		.test = alg_test_akcipher,
-		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(rsa_tv_template)
 		}
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux