@@ -238,15 +238,6 @@ WC_MAYBE_UNUSED static int check_shash_driver_masking(struct crypto_shash *tfm,
238238 * extra checks on kernel version, and ecc sizes.
239239 */
240240#if defined (LINUXKM_LKCAPI_REGISTER_ECDSA )
241- #if LINUX_VERSION_CODE < KERNEL_VERSION (6 , 3 , 0 ) && \
242- defined(CONFIG_CRYPTO_FIPS ) && defined(CONFIG_CRYPTO_MANAGER )
243- /*
244- * note: ecdsa was not recognized as fips_allowed before linux v6.3
245- * in kernel crypto/testmgr.c, and will not pass the tests.
246- */
247- #undef LINUXKM_LKCAPI_REGISTER_ECDSA
248- #endif /* linux < 6.3.0 && CONFIG_CRYPTO_FIPS && CONFIG_CRYPTO_MANAGER */
249-
250241 #if (defined(HAVE_ECC192 ) || defined(HAVE_ALL_CURVES )) && \
251242 ECC_MIN_KEY_SZ <= 192 && !defined(CONFIG_CRYPTO_FIPS )
252243 /* only register p192 if specifically enabled, and if not fips. */
@@ -562,6 +553,18 @@ static int linuxkm_lkcapi_register(void)
562553#endif
563554
564555#ifdef LINUXKM_LKCAPI_REGISTER_ECDSA
556+
557+ #if (LINUX_VERSION_CODE < KERNEL_VERSION (6 , 3 , 0 )) && \
558+ defined(HAVE_FIPS ) && defined(CONFIG_CRYPTO_FIPS ) && \
559+ defined(CONFIG_CRYPTO_MANAGER ) && \
560+ !defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS )
561+ /*
562+ * ecdsa was not recognized as fips_allowed before linux v6.3
563+ * in kernel crypto/testmgr.c.
564+ */
565+ fips_enabled = 0 ;
566+ #endif
567+
565568 #if defined(LINUXKM_ECC192 )
566569 REGISTER_ALG (ecdsa_nist_p192 , akcipher ,
567570 linuxkm_test_ecdsa_nist_p192 );
@@ -577,6 +580,14 @@ static int linuxkm_lkcapi_register(void)
577580 REGISTER_ALG (ecdsa_nist_p521 , akcipher ,
578581 linuxkm_test_ecdsa_nist_p521 );
579582 #endif /* HAVE_ECC521 */
583+
584+ #if (LINUX_VERSION_CODE < KERNEL_VERSION (6 , 3 , 0 )) && \
585+ defined(HAVE_FIPS ) && defined(CONFIG_CRYPTO_FIPS ) && \
586+ defined(CONFIG_CRYPTO_MANAGER ) && \
587+ !defined(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS )
588+ fips_enabled = 1 ;
589+ #endif
590+
580591#endif /* LINUXKM_LKCAPI_REGISTER_ECDSA */
581592
582593#ifdef LINUXKM_LKCAPI_REGISTER_ECDH
0 commit comments