Hello All,
"Make fips=1 work on 4.1", they said, wittily, "it'll be easy."
I suppose it wasn't that complicated, although I seem to be unearthing
other problems as I go along. The first problem was dracut (and I owe
an upstream patch for that) and the second problem was tcrypt.
The tcrypt module was failing on authenc ciphers that wrap non-FIPS
ciphers and hashes. These ones in fact:
authenc(hmac(md5),ecb(cipher_null))
authenc(hmac(sha1),cbc(des))
authenc(hmac(sha1),ecb(cipher_null))
authenc(hmac(sha224),cbc(des))
authenc(hmac(sha256),cbc(des))
authenc(hmac(sha384),cbc(des))
authenc(hmac(sha512),cbc(des))
I'm fairly sure that wrapping des, cipher_null and md5 in authenc
shouldn't make them fips-allowed so the following patch simply removes
that.
Interestingly, some of these just failed outright and others just sat
there chewing CPU time. I think that's just a curiousity though,
rather than a problem.
jch
John Haxby (1):
Disable fips-allowed for non-FIPS authenc ciphers
crypto/testmgr.c | 7 -------
1 file changed, 7 deletions(-)
--
2.4.3
Tests that contain non-FIPS ciphers and hashes cannot themselves be
.fips-allowed because they will necessarily fail.
Signed-off-by: John Haxby <[email protected]>
---
crypto/testmgr.c | 7 -------
1 file changed, 7 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index fa18753..68799dc 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2080,7 +2080,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(md5),ecb(cipher_null))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2110,7 +2109,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha1),cbc(des))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2138,7 +2136,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha1),ecb(cipher_null))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2158,7 +2155,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha224),cbc(des))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2200,7 +2196,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha256),cbc(des))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2228,7 +2223,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha384),cbc(des))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
@@ -2270,7 +2264,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "authenc(hmac(sha512),cbc(des))",
.test = alg_test_aead,
- .fips_allowed = 1,
.suite = {
.aead = {
.enc = {
--
2.4.3
Am Donnerstag, 24. September 2015, 17:02:03 schrieb John Haxby:
Hi John,
>Tests that contain non-FIPS ciphers and hashes cannot themselves be
>.fips-allowed because they will necessarily fail.
>
>Signed-off-by: John Haxby <[email protected]>
This is a good finding.
In fact, all authenc() ciphers are not FIPS approved ciphers.
The flag for that should be removed for all of those.
After checking in detail, the following FIPS flags should be removed as well:
- ecb(des)
- ansi_cprng (at least at the end of this year)
Ciao
Stephan
On 24/09/15 17:58, Stephan Mueller wrote:
> Am Donnerstag, 24. September 2015, 17:02:03 schrieb John Haxby:
>
> Hi John,
>
>> >Tests that contain non-FIPS ciphers and hashes cannot themselves be
>> >.fips-allowed because they will necessarily fail.
>> >
>> >Signed-off-by: John Haxby <[email protected]>
> This is a good finding.
>
> In fact, all authenc() ciphers are not FIPS approved ciphers.
>
> The flag for that should be removed for all of those.
>
> After checking in detail, the following FIPS flags should be removed as well:
>
> - ecb(des)
>
> - ansi_cprng (at least at the end of this year)
Thanks Stephan.
Updated patch on its way.
jch