| author | Jeff Barnes <jeffbarnes@linux.microsoft.com> | 2026-04-23 11:21:41 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2026-05-07 16:10:02 +0800 |
| commit | 76d2e560c76dabbf9f31f4311069e68610d1ac18 (patch) | |
| tree | 0c5da31299776730a037ee333c3418e610ddc719 /crypto | |
| parent | 25056329384010a8672552b134f609601dc4f80e (diff) | |
crypto: testmgr - disallow RSA PKCS#1 SHA-1 sig algs in FIPS mode

When booted with fips=1, RSA signature generation using SHA-1 must not be
available. However, pkcs1pad(rsa,sha1) can currently be instantiated
because it is not present in alg_test_descs; alg_test() falls through the
no_test path and succeeds, after which the algorithm appears in
/proc/crypto as fips-capable.

Add explicit alg_test_descs entries for pkcs1pad(rsa,sha1) and
pkcs1(rsa,sha1) without marking them fips_allowed, so they are treated as
not FIPS-allowed when fips=1 is enabled.

Include both names to cover kernels where RSA sign/verify is provided via
the pkcs1(...) signature template, while pkcs1pad(...) remains for the
traditional wrapper naming and/or RSAES operations.

Signed-off-by: Jeff Barnes <jeffbarnes@linux.microsoft.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/testmgr.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 4199b7d3e9fb9..9059bea7a5b03 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5199,6 +5199,9 @@ static const struct alg_test_desc alg_test_descs[] = { .sig = __VECS(pkcs1_rsa_none_tv_template) } }, { + .alg = "pkcs1(rsa,sha1)", + .test = alg_test_null, + }, { .alg = "pkcs1(rsa,sha224)", .test = alg_test_null, .fips_allowed = 1, @@ -5234,6 +5237,9 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, .fips_allowed = 1, }, { + .alg = "pkcs1pad(rsa,sha1)", + .test = alg_test_null, + }, { .alg = "rfc3686(ctr(aes))", .generic_driver = "rfc3686(ctr(aes-lib))", .test = alg_test_skcipher, |
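Review bot: in the first hunk (@@ -5199), the new "pkcs1(rsa,sha1)" entry expresses the FIPS restriction only by leaving out .fips_allowed, while the neighbouring "pkcs1(rsa,sha224)" entry sets .fips_allowed = 1. A one-line comment on the entry saying the omission is deliberate would keep a later cleanup from adding the flag for consistency. The commit message also speaks of signature generation, but the entry is keyed on the algorithm name alone with no sign/verify distinction, so the message should state whether losing SHA-1 verification under fips=1 is intended.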
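Review bot: in the second hunk (@@ -5234), "pkcs1pad(rsa,sha1)" is blocked by one exact name, so by the mechanism the commit message describes, any other pkcs1pad(rsa,<hash>) name that is absent from alg_test_descs would still take the no_test path and show up as fips-capable. Please confirm whether other non-approved digests need their own entries, or whether the no_test fall-through itself should be tightened for these templates when fips=1, and note the answer in the commit message.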
