From: Aleksander Jan Bajkowski <olek2@wp.pl>
Date: Fri, 6 Feb 2026 19:26:59 +0000 (+0100)
Subject: crypto: tesmgr - allow authenc(hmac(sha224/sha384),cbc(aes)) in fips mode
X-Git-Tag: v7.1-rc1~145^2~124
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0441ee8d35ad6998da5043c65c4124904e8daee2;p=thirdparty%2Fkernel%2Fstable.git

crypto: tesmgr - allow authenc(hmac(sha224/sha384),cbc(aes)) in fips mode

The remaining combinations of AES-CBC and SHA* have already been marked
as allowed. This commit does the same for SHA224 and SHA384.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 49b607f65f636..9f41e7b50edc4 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -4134,6 +4134,7 @@ static const struct alg_test_desc alg_test_descs[] = {
 		.alg = "authenc(hmac(sha224),cbc(aes))",
 		.generic_driver = "authenc(hmac-sha224-lib,cbc(aes-generic))",
 		.test = alg_test_aead,
+		.fips_allowed = 1,
 		.suite = {
 			.aead = __VECS(hmac_sha224_aes_cbc_tv_temp)
 		}
@@ -4196,6 +4197,7 @@ static const struct alg_test_desc alg_test_descs[] = {
 		.alg = "authenc(hmac(sha384),cbc(aes))",
 		.generic_driver = "authenc(hmac-sha384-lib,cbc(aes-generic))",
 		.test = alg_test_aead,
+		.fips_allowed = 1,
 		.suite = {
 			.aead = __VECS(hmac_sha384_aes_cbc_tv_temp)
 		}