crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode

The kernel provides implementations of the NIST ECDSA signature verification primitives. For key sizes of 256 and 384 bits respectively they are approved and can be enabled in FIPS mode. Do so. Signed-off-by: Nicolai Stange <nstange@suse.de> Signed-off-by: Vladis Dronov <vdronov@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Nicolai Stange <nstange@suse.de> 2022-12-30 00:17:10 +0300
committer: Herbert Xu <herbert@gondor.apana.org.au> 2023-01-06 12:15:47 +0300
commit: c27b2d2012e1826674255b9e45b61c172a267e1c (patch)
tree: 8225b91f54e69a3e49604c97214c1468c9273e80 /crypto
parent: 2912eb9b17ac29facd799ffe05fdb7cf10017e82 (diff)
download: linux-c27b2d2012e1826674255b9e45b61c172a267e1c.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a223cf5f3626..795c4858c741 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5034,12 +5034,14 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "ecdsa-nist-p256",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p256_tv_template)
 		}
 	}, {
 		.alg = "ecdsa-nist-p384",
 		.test = alg_test_akcipher,
+		.fips_allowed = 1,
 		.suite = {
 			.akcipher = __VECS(ecdsa_nist_p384_tv_template)
 		}
author	Nicolai Stange <nstange@suse.de>	2022-12-30 00:17:10 +0300
committer	Herbert Xu <herbert@gondor.apana.org.au>	2023-01-06 12:15:47 +0300
commit	c27b2d2012e1826674255b9e45b61c172a267e1c (patch)
tree	8225b91f54e69a3e49604c97214c1468c9273e80 /crypto
parent	2912eb9b17ac29facd799ffe05fdb7cf10017e82 (diff)
download	linux-c27b2d2012e1826674255b9e45b61c172a267e1c.tar.xz