Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp6463915rwl;
        Thu, 29 Dec 2022 13:24:08 -0800 (PST)
X-Google-Smtp-Source: AMrXdXvXzb/onLgXtdimZe+XsmyrrCH+TTgwBRrnQLMi51CKkV+3Ybh2hpcE6gWS2Ji3/4VgaaQV
X-Received: by 2002:a17:902:6b89:b0:189:cf92:6f5c with SMTP id p9-20020a1709026b8900b00189cf926f5cmr32259157plk.52.1672349048331;
        Thu, 29 Dec 2022 13:24:08 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1672349048; cv=none;
        d=google.com; s=arc-20160816;
        b=LM28AfeBOR8EYZXgMBl/ha5Q3xjFMYBJdLN9IwHw0TUqgigk5jXRGfO8azFZE42BLu
         VZ2U6CqNPJPm64d2RoiZx5xsOs+MnheTQG2kCrxWrCS/ZUMAmMoGZLIgm5E3LVXd/rt1
         iFoQonBpQ/psL9nhuMoHOOmVP7YUDCaWaTQ+bAwIw3531eA8BBTO1bZphClKPsrVjVlo
         lFmiliP5u6d+PkagQAp8OhPgbEYBRx4r1riiv+KHovJGzIuXy3lyH8OjHprecUW2BQ0e
         yKVeWO3nmufLn028VOiC7Knv5nH7Mfw6k7Me6t12lpYEKjK1cgfTs3nqR3zXwdpI25WG
         XIBw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mv0JdiEUm8fY4r7rY54vtlemTUttCXqsgsmptQYzLmc=;
        b=rUGafDDNWlsGRGwAnM1GeQHq324nV+9r8vwU2qyn9uXA6v6DZQy/tMh2aC+YQdfQzT
         K1PkKBj4s+C3cGzknQ5ETr6MeFNB0MjTNiK5uCYdneKpSuwFIwSMcN8Joz8LoH7hf0pQ
         etOEEGDXA6tMqZ7FKdsNZeqVEbDiWA0ngcG7MtUfKarvWuUF4z9vgRzixLoFHgSw3ISN
         axJJqLVoTfcFjAPqnfIyoiYL0cSY9IGvQFIrbqWGyILWPL0qiPsqezLCjvxR8kNCoWZu
         Fs8y5E4Es4vQShHIl/7ig+2KVoNzNZkCcoHzum8ymaIQDa965qOsUos5WMHj+UyO3kM4
         sDMQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=a87v4YPZ;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id i2-20020a170902c94200b0019294cce398si6014528pla.314.2022.12.29.13.23.55;
        Thu, 29 Dec 2022 13:24:08 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=a87v4YPZ;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234198AbiL2VTh (ORCPT <rfc822;logchen2009@gmail.com>
        + 99 others); Thu, 29 Dec 2022 16:19:37 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39726 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234227AbiL2VS0 (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 29 Dec 2022 16:18:26 -0500
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A45810B69
        for <linux-crypto@vger.kernel.org>; Thu, 29 Dec 2022 13:17:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1672348660;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=mv0JdiEUm8fY4r7rY54vtlemTUttCXqsgsmptQYzLmc=;
        b=a87v4YPZHS+Y0XBQPLO34l0S00YORinwSDktwMu/MTJ20r7h4oYb6HtVK8F2Ylc2LWBqKr
        N8921iNA7F9QRc0ImlvS78ZGSEaD+++Hfbvnme6eYF3Jm4KJha1LLv1pEW4pSWmnvDKcRM
        F34a/gWvF1mj1sZ7ZmB0Qj7zCB3CUhw=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-664-nogLPySSPCmKjss8zI-pRA-1; Thu, 29 Dec 2022 16:17:36 -0500
X-MC-Unique: nogLPySSPCmKjss8zI-pRA-1
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DE14C1C05AC5;
        Thu, 29 Dec 2022 21:17:35 +0000 (UTC)
Received: from rules.brq.redhat.com (ovpn-208-2.brq.redhat.com [10.40.208.2])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 7FBC5492B00;
        Thu, 29 Dec 2022 21:17:33 +0000 (UTC)
From:   Vladis Dronov <vdronov@redhat.com>
To:     Herbert Xu <herbert@gondor.apana.org.au>,
        "David S . Miller" <davem@davemloft.net>
Cc:     Nicolai Stange <nstange@suse.de>, Elliott Robert <elliott@hpe.com>,
        Stephan Mueller <smueller@chronox.de>,
        Eric Biggers <ebiggers@google.com>,
        linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
        Vladis Dronov <vdronov@redhat.com>
Subject: [PATCH v3 6/6] crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode
Date:   Thu, 29 Dec 2022 22:17:10 +0100
Message-Id: <20221229211710.14912-7-vdronov@redhat.com>
In-Reply-To: <20221229211710.14912-1-vdronov@redhat.com>
References: <20221229211710.14912-1-vdronov@redhat.com>
MIME-Version: 1.0
Content-type: text/plain
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

From: Nicolai Stange <nstange@suse.de>

The kernel provides implementations of the NIST ECDSA signature
verification primitives. For key sizes of 256 and 384 bits respectively
they are approved and can be enabled in FIPS mode. Do so.

Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
 crypto/testmgr.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a223cf5f3626..795c4858c741 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "ecdsa-nist-p256",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p256_tv_template)
 		}
 	}, {
 		.alg = "ecdsa-nist-p384",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p384_tv_template)
 		}
-- 
2.38.1