[2/4] crypto: drbg - update FIPS CTR self-checks to aes256

Message ID	20231029204823.663930-2-dimitri.ledkov@canonical.com
State	Accepted
Commit	a9dc62988600e57cabcca9b357cde4df8ee61fb5
Headers	show Return-Path: <linux-crypto-owner@vger.kernel.org> From: Dimitri John Ledkov <dimitri.ledkov@canonical.com> To: Herbert Xu <herbert@gondor.apana.org.au>, "David S. Miller" <davem@davemloft.net>, Stephan Mueller <smueller@chronox.de> Cc: simo@redhat.com, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/4] crypto: drbg - update FIPS CTR self-checks to aes256 Date: Sun, 29 Oct 2023 22:48:21 +0200 Message-Id: <20231029204823.663930-2-dimitri.ledkov@canonical.com> In-Reply-To: <20231029204823.663930-1-dimitri.ledkov@canonical.com> References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	None \| expand [2/4] crypto: drbg - update FIPS CTR self-checks to aes256 [3/4] crypto: drbg - ensure drbg hmac sha512 is used in FIPS selftests

Message ID

20231029204823.663930-2-dimitri.ledkov@canonical.com

State

Accepted

Commit

a9dc62988600e57cabcca9b357cde4df8ee61fb5

Headers

From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Stephan Mueller <smueller@chronox.de>
Cc: simo@redhat.com, linux-crypto@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH 2/4] crypto: drbg - update FIPS CTR self-checks to aes256
Date: Sun, 29 Oct 2023 22:48:21 +0200
Message-Id: <20231029204823.663930-2-dimitri.ledkov@canonical.com>
In-Reply-To: <20231029204823.663930-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

None | expand

Commit Message

Dimitri John Ledkov Oct. 29, 2023, 8:48 p.m. UTC

When originally drbg was introduced FIPS self-checks for all types but
CTR were using the most preferred parameters for each type of
DRBG. Update CTR self-check to use aes256.

Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit Generator")
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
 crypto/drbg.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Stephan Mueller Oct. 30, 2023, 10:23 a.m. UTC | #1

Am Sonntag, 29. Oktober 2023, 21:48:21 CET schrieb Dimitri John Ledkov:

Hi Dimitri,

> When originally drbg was introduced FIPS self-checks for all types but
> CTR were using the most preferred parameters for each type of
> DRBG. Update CTR self-check to use aes256.
> 
> Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit
> Generator") Signed-off-by: Dimitri John Ledkov
> <dimitri.ledkov@canonical.com>



> ---
>  crypto/drbg.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/crypto/drbg.c b/crypto/drbg.c
> index 2cce18dcfc..b120e2866b 100644
> --- a/crypto/drbg.c
> +++ b/crypto/drbg.c
> @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg,
>  			err = alg_test("drbg_pr_hmac_sha256",
>  				       "drbg_pr_hmac_sha256", 0, 0);
>  		else if (drbg->core->flags & DRBG_CTR)
> -			err = alg_test("drbg_pr_ctr_aes128",
> -				       "drbg_pr_ctr_aes128", 0, 0);
> +			err = alg_test("drbg_pr_ctr_aes256",
> +				       "drbg_pr_ctr_aes256", 0, 0);
>  		else
>  			err = alg_test("drbg_pr_sha256",
>  				       "drbg_pr_sha256", 0, 0);
> @@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void)
> return 0;
> 
>  #ifdef CONFIG_CRYPTO_DRBG_CTR
> -	drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr);
> +	drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr);
>  #endif
>  #ifdef CONFIG_CRYPTO_DRBG_HASH
>  	drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);

I am not sure again whether this warrants a "Fixes" tag, because the first 
modification is in a commented-out code section and the latter again intends 
to test the DRBG thresholds and thus just needs "a" DRBG.

Anyhow:

Reviewed-by: Stephan Mueller <smueller@chronox.de>


Ciao
Stephan

diff --git a/crypto/drbg.c b/crypto/drbg.c
index 2cce18dcfc..b120e2866b 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1478,8 +1478,8 @@  static int drbg_generate(struct drbg_state *drbg,
 			err = alg_test("drbg_pr_hmac_sha256",
 				       "drbg_pr_hmac_sha256", 0, 0);
 		else if (drbg->core->flags & DRBG_CTR)
-			err = alg_test("drbg_pr_ctr_aes128",
-				       "drbg_pr_ctr_aes128", 0, 0);
+			err = alg_test("drbg_pr_ctr_aes256",
+				       "drbg_pr_ctr_aes256", 0, 0);
 		else
 			err = alg_test("drbg_pr_sha256",
 				       "drbg_pr_sha256", 0, 0);
@@ -2017,7 +2017,7 @@  static inline int __init drbg_healthcheck_sanity(void)
 		return 0;
 
 #ifdef CONFIG_CRYPTO_DRBG_CTR
-	drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr);
+	drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr);
 #endif
 #ifdef CONFIG_CRYPTO_DRBG_HASH
 	drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);

[2/4] crypto: drbg - update FIPS CTR self-checks to aes256

Commit Message

Comments

Patch