crypto: testmgr - mark cts(cbc(aes)) as FIPS allowed

Gilad Ben-Yossef · herbertx · commit 196ad6043e9f · 2018-11-09T17:41:39.000+08:00
As per Sp800-38A addendum from Oct 2010[1], cts(cbc(aes)) is allowed as a FIPS mode algorithm. Mark it as such. [1] https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Reviewed-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
@@ -2812,6 +2812,7 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "cts(cbc(aes))",
 		.test = alg_test_skcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.cipher = __VECS(cts_mode_tv_template)
 		}

Original file line number	Diff line number	Diff line change
`@@ -2812,6 +2812,7 @@ static const struct alg_test_desc alg_test_descs[] = {`
`2812`	`2812`	`}, {`
`2813`	`2813`	`.alg = "cts(cbc(aes))",`
`2814`	`2814`	`.test = alg_test_skcipher,`
	`2815`	`+ .fips_allowed = 1,`
`2815`	`2816`	`.suite = {`
`2816`	`2817`	`.cipher = __VECS(cts_mode_tv_template)`
`2817`	`2818`	`}`