From a8a344166343e8283fcbef56b931125098a1cbd4 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Fri, 25 Jan 2019 10:31:47 +0100
Subject: crypto: testmgr - mark crc32 checksum as FIPS allowed

The CRC32 is not a cryptographic hash algorithm,
so the FIPS restrictions should not apply to it.
(The CRC32C variant is already allowed.)

This CRC32 variant is used for in dm-crypt legacy TrueCrypt
IV implementation (tcw); detected by cryptsetup test suite
failure in FIPS mode.

Signed-off-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/testmgr.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'crypto')

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a73455b543ad..17f57f277e58 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2740,6 +2740,7 @@ static const struct alg_test_desc alg_test_descs[] = {
 	}, {
 		.alg = "crc32",
 		.test = alg_test_hash,
+		.fips_allowed = 1,
 		.suite = {
 			.hash = __VECS(crc32_tv_template)
 		}
-- 
cgit