Previously we ran FIPS power-on self-tests for AES-256-CBC,
AES-256-GCM, AES-256-XTS, and AES-256-CFB8, though only one mode per
key size suffices according to the FIPS 140-3 IG. This change omits the
AES-256-CBC, AES-256-XTS, and AES-256-CFB8 self-tests, keeping
AES-256-GCM for performance.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
/* Tests the FIPS algorithms */
/* ciphers - one test per cipher */
- ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CBC);
- if (ret < 0) {
- return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
- }
-
ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_GCM);
if (ret < 0) {
return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
}
- ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_XTS);
- if (ret < 0) {
- return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
- }
-
- ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CFB8);
- if (ret < 0) {
- return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
- }
-
/* Digest tests */
ret = gnutls_digest_self_test(0, GNUTLS_DIG_SHA3_224);
if (ret < 0) {