Re: [PATCH net-next] [RESEND] wireguard: disable in FIPS mode
From: Hangbin Liu <hidden>
Date: 2021-04-08 06:52:48
Also in:
linux-crypto
On Wed, Apr 07, 2021 at 03:15:51PM -0600, Jason A. Donenfeld wrote:
Hi Hangbin, On Wed, Apr 7, 2021 at 5:39 AM Hangbin Liu [off-list ref] wrote:quoted
As the cryptos(BLAKE2S, Curve25519, CHACHA20POLY1305) in WireGuard are not FIPS certified, the WireGuard module should be disabled in FIPS mode.I'm not sure this makes so much sense to do _in wireguard_. If you feel like the FIPS-allergic part is actually blake, 25519, chacha, and poly1305, then wouldn't it make most sense to disable _those_ modules instead? And then the various things that rely on those (such as wireguard, but maybe there are other things too, like security/keys/big_key.c) would be naturally disabled transitively?
Hi Jason, I'm not familiar with the crypto code. From wg_noise_init() it looks the init part is in header file. So I just disabled wireguard directly. For disabling the modules. Hi Ondrej, do you know if there is any FIPS policy in crypto part? There seems no handler when load not allowed crypto modules in FIPS mode. BTW, I also has a question, apart from the different RFC standard, what's the relation/difference between crypto/chacha20poly1305.c and lib/crypto/chacha20poly1305.c? Thanks Hangbin