summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStephan Müller <smueller@chronox.de>2022-02-01 09:40:58 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>2022-02-11 20:22:01 +1100
commitc9c28ed0ab611b6ee3bfab88eba334e272642433 (patch)
tree8d263945e0bca189fc5ba7f195fe102a717c8ed5
parent95e26b0391d085bbdbe1a82ffaaf2f92a3f71433 (diff)
crypto: hmac - add fips_skip support
By adding the support for the flag fips_skip, hash / HMAC test vectors may be marked to be not applicable in FIPS mode. Such vectors are silently skipped in FIPS mode. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/testmgr.c3
-rw-r--r--crypto/testmgr.h2
2 files changed, 5 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 3a5a3e5cb77b..0c2efde2f6c6 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1851,6 +1851,9 @@ static int __alg_test_hash(const struct hash_testvec *vecs,
}
for (i = 0; i < num_vecs; i++) {
+ if (fips_enabled && vecs[i].fips_skip)
+ continue;
+
err = test_hash_vec(&vecs[i], i, req, desc, tsgl, hashstate);
if (err)
goto out;
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index a253d66ba1c1..17b37525f289 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -33,6 +33,7 @@
* @ksize: Length of @key in bytes (0 if no key)
* @setkey_error: Expected error from setkey()
* @digest_error: Expected error from digest()
+ * @fips_skip: Skip the test vector in FIPS mode
*/
struct hash_testvec {
const char *key;
@@ -42,6 +43,7 @@ struct hash_testvec {
unsigned short ksize;
int setkey_error;
int digest_error;
+ bool fips_skip;
};
/*