]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commitdiff
crypto: ansi_cprng - ANSI X9.31 DRNG is not allowed in FIPS 140-2
authorStephan Mueller <smueller@chronox.de>
Tue, 5 Jan 2016 12:12:21 +0000 (13:12 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 25 Jan 2016 14:38:59 +0000 (22:38 +0800)
As per update of the FIPS 140-2 Annex C supported by SP800-131A, the
ANSI X9.31 DRNG is not an allowed cipher in FIPS mode any more.

CC: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/testmgr.c

index ae8c57fd8bc7f855e4fb73145a1ec72a34540add..5c0963d17de7ee9fce57e2532a761124e03f1cbb 100644 (file)
@@ -2081,7 +2081,6 @@ static const struct alg_test_desc alg_test_descs[] = {
        }, {
                .alg = "ansi_cprng",
                .test = alg_test_cprng,
-               .fips_allowed = 1,
                .suite = {
                        .cprng = {
                                .vecs = ansi_cprng_aes_tv_template,