Re: [PATCH] crypto: api - Disallow sha1 in FIPS-mode while allowing hmac(sha1)

From: Herbert Xu
Date: Tue Jan 11 2022 - 05:34:55 EST


On Tue, Jan 11, 2022 at 08:50:18AM +0100, Nicolai Stange wrote:
>
> I haven't tried, but wouldn't this allow the instantiation of e.g.
> hmac(blake2s-256) in FIPS mode?

You're right. The real issue is that any algorithm with no tests
at all is allowed in FIPS mode. That's clearly suboptimal. But we
can't just ban every unknown algorithm because we rely on that
to let things like echainiv through.

Let me figure out a way to differentiate these two cases.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt