From e1dc530d0c082c903e74bf6e16d8a38843d3d1d7 Mon Sep 17 00:00:00 2001
From: Aleksander Jan Bajkowski <olek2@wp.pl>
Date: Thu, 1 Jan 2026 16:25:18 +0100
Subject: [PATCH] crypto: testmgr - allow authenc(sha224,rfc3686) variant in
 fips mode

The remaining combinations of AES-CTR-RFC3686 and SHA* have already been
marked as allowed in 8888690ef5f7. This commit does the same for SHA224.

rfc3686(ctr(aes)) is already marked fips compliant,
so these should be fine.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/testmgr.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a302be53896d3..5bae4871690f5 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -4137,6 +4137,10 @@ static const struct alg_test_desc alg_test_descs[] = {
 		.suite = {
 			.aead = __VECS(hmac_sha224_des3_ede_cbc_tv_temp)
 		}
+	}, {
+		.alg = "authenc(hmac(sha224),rfc3686(ctr(aes)))",
+		.test = alg_test_null,
+		.fips_allowed = 1,
 	}, {
 		.alg = "authenc(hmac(sha256),cbc(aes))",
 		.generic_driver = "authenc(hmac-sha256-lib,cbc(aes-generic))",
-- 
2.47.3