[PATCH] crypto: ANSI X9.31 DRNG is not allowed in FIPS 140-2

From: Stephan Mueller
Date: Tue Jan 05 2016 - 07:12:31 EST

Next message: Andy Shevchenko: "Re: [PATCH] i2c/designware: enable i2c controller to suspend/resume asynchronously"
Previous message: Martin Schwidefsky: "Re: [PATCH v2 22/32] s390: define __smp_xxx"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As per update of the FIPS 140-2 Annex C supported by SP800-131A, the
ANSI X9.31 DRNG is not an allowed cipher in FIPS mode any more.

CC: Neil Horman <nhorman@xxxxxxxxxxxxx>
Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
---
crypto/testmgr.c | 1 -
1 file changed, 1 deletion(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index ae8c57fd..5c0963d 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2081,7 +2081,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "ansi_cprng",
.test = alg_test_cprng,
- .fips_allowed = 1,
.suite = {
.cprng = {
.vecs = ansi_cprng_aes_tv_template,
--
2.5.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andy Shevchenko: "Re: [PATCH] i2c/designware: enable i2c controller to suspend/resume asynchronously"
Previous message: Martin Schwidefsky: "Re: [PATCH v2 22/32] s390: define __smp_xxx"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]