Date: Fri, 7 Jan 2022 13:44:34 +1100
From: Herbert Xu
To: Stephan Mueller
Cc: Nicolai Stange, "David S. Miller", Hannes Reinecke, Torsten Duwe, Zaibo Xu, Giovanni Cabiddu, David Howells, Jarkko Sakkinen, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, qat-linux@intel.com, keyrings@vger.kernel.org, simo@redhat.com
Subject: Re: [PATCH v2 03/18] crypto: dh - optimize domain parameter serialization for well-known groups
References: <20211209090358.28231-1-nstange@suse.de> <87r1a7thy0.fsf@suse.de> <2468270.qO8rWLYou6@tauon.chronox.de>
In-Reply-To: <2468270.qO8rWLYou6@tauon.chronox.de>

On Thu, Jan 06, 2022 at 03:30:04PM +0100, Stephan Mueller wrote:
>
> This means in FIPS mode, invoking the algo of "dh" should not be possible.
> Yet, on the other hand, we cannot mark "dh" as fips_allowed == 0 as the
> templates would not be able to instantiate them.

Right, we have exactly the same problem with sha1 where sha1 per se should
not be allowed in FIPS mode but hmac(sha1) should be.

> Therefore, I think we should mark "dh" as CRYPTO_ALG_INTERNAL if in FIPS mode.

I think the annotation should be added to testmgr.c. We could mark dh
and sha1 as not fips_allowed but allowed as the parameter of a template.
This could then be represented in the crypto_alg object by a new flag.
This flag could then be set automatically in crypto_grab_* to allow
them to be picked up automatically for templates.

I'm already writing this up for sha1 anyway so let me polish it off
and I'll post it soon, which you can then reuse for dh.

Cheers,
-- 
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
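The policy Herbert sketches above (an algorithm that is not fips_allowed on its own but may still be picked up as the parameter of a template) can be modelled in a few dozen lines. The following is an added illustration written for this page, not Herbert's patch and not kernel code: the policy table, the field name fips_template_param, the function fips_may_instantiate and the template name ffdhe2048 are all assumptions made for the model, and only single-parameter templates such as hmac(sha1) are handled.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model of the FIPS gating discussed in the thread: an
 * algorithm may be refused when requested directly yet still be usable as
 * the parameter of a template. Illustration only; the field names below
 * are assumptions, not members of the kernel's struct crypto_alg.
 */
struct alg_policy {
	const char *name;
	bool fips_allowed;        /* may be requested directly in FIPS mode */
	bool fips_template_param; /* hypothetical flag: allowed only inside a template */
};

/* Constructed policy table standing in for the testmgr.c annotations. */
static const struct alg_policy policies[] = {
	{ "sha1",      false, true  },  /* bare sha1 refused, hmac(sha1) allowed */
	{ "dh",        false, true  },  /* bare dh refused, usable under a template */
	{ "sha256",    true,  false },
	{ "md5",       false, false },  /* never allowed in FIPS mode */
	{ "aes",       true,  false },
	{ "hmac",      true,  false },  /* template */
	{ "cbc",       true,  false },  /* template */
	{ "ffdhe2048", true,  false },  /* hypothetical template name wrapping dh */
};

static const struct alg_policy *lookup(const char *name)
{
	size_t i;

	for (i = 0; i < sizeof(policies) / sizeof(policies[0]); i++)
		if (strcmp(policies[i].name, name) == 0)
			return &policies[i];
	return NULL;
}

/*
 * Split "tmpl(inner)" into its two parts. Returns false when spec is a
 * plain algorithm name, is malformed, or does not fit the buffers.
 * Only a single parameter is modelled, e.g. hmac(sha1) or cbc(aes).
 */
static bool split_template(const char *spec, char *tmpl, size_t tlen,
			   char *inner, size_t ilen)
{
	const char *open = strchr(spec, '(');
	const char *close;
	size_t n;

	if (!open)
		return false;
	close = strrchr(spec, ')');
	if (!close || close < open || close[1] != '\0')
		return false;

	n = (size_t)(open - spec);
	if (n == 0 || n >= tlen)
		return false;
	memcpy(tmpl, spec, n);
	tmpl[n] = '\0';

	n = (size_t)(close - open - 1);
	if (n == 0 || n >= ilen)
		return false;
	memcpy(inner, open + 1, n);
	inner[n] = '\0';
	return true;
}

/*
 * Decide whether "spec" may be instantiated in FIPS mode. A direct request
 * needs fips_allowed; a template parameter is resolved the way the thread
 * proposes for crypto_grab_*, so the template-only flag is honoured there,
 * and a nested template is checked recursively.
 */
bool fips_may_instantiate(const char *spec)
{
	char tmpl[64], inner[64];
	const struct alg_policy *t, *i;

	if (!split_template(spec, tmpl, sizeof(tmpl), inner, sizeof(inner))) {
		const struct alg_policy *a = lookup(spec);
		return a && a->fips_allowed;
	}

	t = lookup(tmpl);
	if (!t || !t->fips_allowed)
		return false;

	if (strchr(inner, '('))        /* nested template: recurse */
		return fips_may_instantiate(inner);

	i = lookup(inner);
	return i && (i->fips_allowed || i->fips_template_param);
}

int main(void)
{
	const char *specs[] = { "sha1", "hmac(sha1)", "dh", "ffdhe2048(dh)",
				"md5", "hmac(md5)", "sha256" };
	size_t k;

	for (k = 0; k < sizeof(specs) / sizeof(specs[0]); k++)
		printf("%-16s %s\n", specs[k],
		       fips_may_instantiate(specs[k]) ? "allowed" : "refused");
	return 0;
}
```

The point the model makes is that the decision depends on the request path, not only on the algorithm: the same "sha1" entry yields "refused" for a direct request and "allowed" when reached through hmac, while an entry with neither flag (md5 here) is refused on both paths.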