As FIPS is only able to verify the compliance of pkcs1pad the
underlying "rsa" algorithm should not be marked as fips_allowed.
Reported-by: Clemens Lang <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index dd748832ed4a..6fbb56c6bd4c 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5467,7 +5467,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "rsa",
.test = alg_test_akcipher,
- .fips_allowed = 1,
.suite = {
.akcipher = __VECS(rsa_tv_template)
}
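Review bot: the `.alg = "rsa"` entry loses `.fips_allowed = 1` without any comment left at the entry, so nothing in the table records that the omission is deliberate. A one-line comment there, echoing the commit message (FIPS can only verify pkcs1pad, so raw "rsa" is not marked allowed), would keep the flag from being added back later. The commit message also does not say what callers that request raw "rsa" in FIPS mode will see after this change; a sentence on that would help.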
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Wed, Feb 8, 2023 at 10:27 AM Herbert Xu <[email protected]> wrote:
> As FIPS is only able to verify the compliance of pkcs1pad the
> underlying "rsa" algorithm should not be marked as fips_allowed.
>
> Reported-by: Clemens Lang <[email protected]>
> Signed-off-by: Herbert Xu <[email protected]>
Seems to work as expected - with the patch I get the following lines
in the kernel console (in FIPS MODE):
[ 0.961355] alg: rsa (rsa-generic) is disabled due to FIPS
[ 0.962025] alg: self-tests for pkcs1pad(rsa-generic,sha512) (pkcs1pad(rsa,sha512)) passed
[ 1.119701] alg: self-tests for pkcs1pad(rsa-generic,sha256) (pkcs1pad(rsa,sha256)) passed
So I take it the pkcs1pad(...) algos work (the tests passed), while
the plain rsa will not be usable.
On a kernel without the patch I get (in FIPS mode):
[ 0.990012] alg: self-tests for rsa-generic (rsa) passed
[ 0.990753] alg: self-tests for pkcs1pad(rsa-generic,sha512) (pkcs1pad(rsa,sha512)) passed
[ 1.301441] alg: self-tests for pkcs1pad(rsa-generic,sha256) (pkcs1pad(rsa,sha256)) passed
Also, if I additionally apply [1], the "fips: yes/no" output in
/proc/crypto matches the expectations.
Tested-by: Ondrej Mosnacek <[email protected]>
[1] https://lore.kernel.org/all/[email protected]/
>
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index dd748832ed4a..6fbb56c6bd4c 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -5467,7 +5467,6 @@ static const struct alg_test_desc alg_test_descs[] = {
> }, {
> .alg = "rsa",
> .test = alg_test_akcipher,
> - .fips_allowed = 1,
> .suite = {
> .akcipher = __VECS(rsa_tv_template)
> }
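Review bot: with `.fips_allowed = 1` removed from the "rsa" entry, the `rsa_tv_template` vectors it references stop being exercised in FIPS mode: the console output quoted above changes from "self-tests for rsa-generic (rsa) passed" to "rsa (rsa-generic) is disabled due to FIPS". The commit message should state whether the pkcs1pad self-tests are meant to be the only coverage of the underlying primitive in that mode.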
--
Ondrej Mosnacek
Senior Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
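The before/after comparison in the test report above can be automated. The following is an added example, not code from this thread or from the kernel: the two message formats are inferred from the console lines quoted in the report, and the function names `fips_status` and `changed` are hypothetical.

```python
import re

# Console lines as quoted in the test report (e-mail line wrapping removed).
PATCHED = """\
[ 0.961355] alg: rsa (rsa-generic) is disabled due to FIPS
[ 0.962025] alg: self-tests for pkcs1pad(rsa-generic,sha512) (pkcs1pad(rsa,sha512)) passed
[ 1.119701] alg: self-tests for pkcs1pad(rsa-generic,sha256) (pkcs1pad(rsa,sha256)) passed
"""
UNPATCHED = """\
[ 0.990012] alg: self-tests for rsa-generic (rsa) passed
[ 0.990753] alg: self-tests for pkcs1pad(rsa-generic,sha512) (pkcs1pad(rsa,sha512)) passed
[ 1.301441] alg: self-tests for pkcs1pad(rsa-generic,sha256) (pkcs1pad(rsa,sha256)) passed
"""

# Format seen in the report: "alg: <alg> (<driver>) is disabled due to FIPS"
DISABLED = re.compile(r"alg: (\S+) \((\S+)\) is disabled due to FIPS")
# Format seen in the report: "alg: self-tests for <driver> (<alg>) passed"
# Note the driver and algorithm names appear in the opposite order here.
PASSED = re.compile(r"alg: self-tests for (\S+) \((\S+)\) passed")


def fips_status(console: str) -> dict:
    """Map algorithm name -> 'passed' or 'disabled' for one boot log."""
    status = {}
    for line in console.splitlines():
        if m := DISABLED.search(line):
            status[m.group(1)] = "disabled"
        elif m := PASSED.search(line):
            status[m.group(2)] = "passed"
    return status


def changed(before: str, after: str) -> dict:
    """Return {alg: (old, new)} for algorithms whose status differs."""
    old, new = fips_status(before), fips_status(after)
    return {
        alg: (old.get(alg, "absent"), new.get(alg, "absent"))
        for alg in sorted(set(old) | set(new))
        if old.get(alg) != new.get(alg)
    }


if __name__ == "__main__":
    for alg, (was, now) in changed(UNPATCHED, PATCHED).items():
        print(f"{alg}: {was} -> {now}")
```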
On Thu, Feb 09, 2023 at 04:33:34PM +0100, Ondrej Mosnacek wrote:
>
> Seems to work as expected - with the patch I get the following lines
> in the kernel console (in FIPS MODE):
Thanks for checking Ondrej!
As Clemens informed me that this patch is no longer needed I'm
withdrawing it for now.
Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt