diff options
| author | Jarod Wilson <jarod@redhat.com> | 2011-01-28 23:14:01 -0500 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2011-01-28 23:14:01 -0500 |
| commit | 2918aa8d1d4e7b4586a5a89dc8406e1d431f5129 (patch) | |
| tree | 587c737af80f24a1356202ce0c981f3b5120f523 | |
| parent | 33c7c0fb20dbbaca67fcf362f875758ba312f58d (diff) | |
crypto: testmgr - mark xts(aes) as fips_allowed
We (Red Hat) are intending to include dm-crypt functionality, using
xts(aes) for disk encryption, as part of an upcoming FIPS-140-2
certification effort, and xts(aes) *is* on the list of possible
mode/cipher combinations that can be certified. To make that possible, we
need to mark xts(aes) as fips_allowed in the crypto subsystem.
A 'modprobe tcrypt mode=10' in fips mode shows xts(aes) self-tests
passing successfully after this change.
Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | crypto/testmgr.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 27ea9fe9476f..521fdb2f7cfd 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c | |||
| @@ -2453,6 +2453,7 @@ static const struct alg_test_desc alg_test_descs[] = { | |||
| 2453 | }, { | 2453 | }, { |
| 2454 | .alg = "xts(aes)", | 2454 | .alg = "xts(aes)", |
| 2455 | .test = alg_test_skcipher, | 2455 | .test = alg_test_skcipher, |
| 2456 | .fips_allowed = 1, | ||
| 2456 | .suite = { | 2457 | .suite = { |
| 2457 | .cipher = { | 2458 | .cipher = { |
| 2458 | .enc = { | 2459 | .enc = { |