qiurui
/
Centos-kernel-stream-9
mirror of https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto: hmac - add fips_skip support 

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2033512

commit c9c28ed0ab611b6ee3bfab88eba334e272642433
Author: Stephan Müller <smueller@chronox.de>
Date:   Tue Feb 1 09:40:58 2022 +0100

    crypto: hmac - add fips_skip support
    
    By adding the support for the flag fips_skip, hash / HMAC test vectors
    may be marked to be not applicable in FIPS mode. Such vectors are
    silently skipped in FIPS mode.
    
    Signed-off-by: Stephan Mueller <smueller@chronox.de>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: Herbert Xu <zxu@redhat.com>
This commit is contained in:
Herbert Xu 2022-03-04 13:34:44 +12:00
parent 117d1c1b4d
commit 7758974cb5
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/testmgr.c
View File

@ -1854,6 +1854,9 @@ static int __alg_test_hash(const struct hash_testvec *vecs,
}
for (i = 0; i < num_vecs; i++) {
if (fips_enabled && vecs[i].fips_skip)
continue;
err = test_hash_vec(&vecs[i], i, req, desc, tsgl, hashstate);
if (err)
goto out;

2
crypto/testmgr.h
View File

@ -33,6 +33,7 @@
* @ksize: Length of @key in bytes (0 if no key)
* @setkey_error: Expected error from setkey()
* @digest_error: Expected error from digest()
* @fips_skip: Skip the test vector in FIPS mode
*/
struct hash_testvec {
const char *key;
@ -42,6 +43,7 @@ struct hash_testvec {
unsigned short ksize;
int setkey_error;
int digest_error;
bool fips_skip;
};
/*