Received: by 2002:a05:6358:f14:b0:e5:3b68:ec04 with SMTP id b20csp6395569rwj;
        Wed, 21 Dec 2022 15:08:46 -0800 (PST)
X-Google-Smtp-Source: AMrXdXv2nSjzj3CpzmAPvYkTdIbuof3A9x2VUxFhPGif2zPPfhXDa+26rp4YvZ/EiuCJIMDYIuUi
X-Received: by 2002:a05:6a20:94c3:b0:ad:dcdf:aaad with SMTP id ht3-20020a056a2094c300b000addcdfaaadmr5085180pzb.19.1671664125784;
        Wed, 21 Dec 2022 15:08:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1671664125; cv=none;
        d=google.com; s=arc-20160816;
        b=1C57EvEcaBch2zZgwhapQuE+sUtggkz065shtJt94n5t6j4hz7OjN4DVYVU9LbwTdF
         gPs7ZEcwmW5q6KSuucZE3K/tPKlXSnPhUYNBequ+DJfPOd6gXAqJ/KXH3L3G+kk3vJ10
         42lae8JksvclwfJO7mLCX73vvjBPd/E46ZjQ9pVm0r36kgSEOxWCEMaayWbb/zaq+MWW
         ThLYnJ0QzjzuORn5wNFd/gDwC12yhQvPeXiOgXkemth6RK4KJ/o43h+G/YyRdyuCmEWh
         /3T50WVbgKDbm3iEnMwcjNAviT+7EcNokUu5LfHyz3M7qwGHU3jSiHRdmMNU/rR0Yzpx
         KUAQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mv0JdiEUm8fY4r7rY54vtlemTUttCXqsgsmptQYzLmc=;
        b=eKc5AurL7GTW60AXRW3jdBHleRc/rZn7gUE+BnpI7dGKQfIBMC9L0TtpoaHtdi6Gwe
         wmPKdIxMmHuir03DKqskEDnmyfCjaTPPEkhE0m4e6ExygRAhhPS9HzKa/+ANzopcN5/d
         TOZ+EAaF/w6S48mXSOuxf+05UFPsmJ7H7sbd5uuDakkJlZo27HgVAwKSe5WDSEXXEcHf
         /QoovOxaf4EF17sVCpNZpaD9tWBY4RkIVdEqw2LLm7ILDJpc0acpV99htVmQiFFXCIke
         +igTJLIMZ2+MXj5cwmasIIXd0Z8Z+0ar7QCvZyB52HMWV9Elm9beFEtOJjBRZj1LHsLR
         Ih4g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cYljFLhc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id 85-20020a630458000000b00476b6fa2963si17303274pge.599.2022.12.21.15.08.36;
        Wed, 21 Dec 2022 15:08:45 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cYljFLhc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235132AbiLUWnd (ORCPT <rfc822;5losepatience@gmail.com>
        + 67 others); Wed, 21 Dec 2022 17:43:33 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51414 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235143AbiLUWnF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Dec 2022 17:43:05 -0500
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF78523E9C
        for <linux-kernel@vger.kernel.org>; Wed, 21 Dec 2022 14:42:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1671662541;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=mv0JdiEUm8fY4r7rY54vtlemTUttCXqsgsmptQYzLmc=;
        b=cYljFLhcJFt3MYTEGZ+b0yGSZk0JDANahCTwnX/dsijkpT/D4ByryZaaNsY0YtbibWAs8M
        c9Q5Wv4MNBgMzyAYGCzJXtOIfvf88SyaQhRXEbdOmD5ba5pTeqXHiLCK2DWGokPG7ULtuj
        9Wv1KRAthi/ssWOzNI4wTw2in5kf+/U=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-116-fKIoZ0QBPd-fRFtYSUZekg-1; Wed, 21 Dec 2022 17:42:17 -0500
X-MC-Unique: fKIoZ0QBPd-fRFtYSUZekg-1
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4522A858F0E;
        Wed, 21 Dec 2022 22:42:17 +0000 (UTC)
Received: from rules.brq.redhat.com (ovpn-208-11.brq.redhat.com [10.40.208.11])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 409A040C2004;
        Wed, 21 Dec 2022 22:42:14 +0000 (UTC)
From:   Vladis Dronov <vdronov@redhat.com>
To:     herbert@gondor.apana.org.au, davem@davemloft.net
Cc:     nstange@suse.de, elliott@hpe.com, linux-crypto@vger.kernel.org,
        linux-kernel@vger.kernel.org, smueller@chronox.de,
        vdronov@redhat.com
Subject: [PATCH 6/6] crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
Date:   Wed, 21 Dec 2022 23:41:11 +0100
Message-Id: <20221221224111.19254-7-vdronov@redhat.com>
In-Reply-To: <20221221224111.19254-1-vdronov@redhat.com>
References: <20221221224111.19254-1-vdronov@redhat.com>
MIME-Version: 1.0
Content-type: text/plain
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Nicolai Stange <nstange@suse.de>

The kernel provides implementations of the NIST ECDSA signature
verification primitives. For key sizes of 256 and 384 bits respectively
they are approved and can be enabled in FIPS mode. Do so.

Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
 crypto/testmgr.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a223cf5f3626..795c4858c741 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "ecdsa-nist-p256",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p256_tv_template)
 		}
 	}, {
 		.alg = "ecdsa-nist-p384",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p384_tv_template)
 		}
-- 
2.38.1