[openssl/openssl] a4720e: Revert "Put EdDSA back as approved algorithms."

Wed Feb 22 00:31:36 UTC 2023

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: a4720e9890494edb7fc888a67ca7608722dd62fb
      https://github.com/openssl/openssl/commit/a4720e9890494edb7fc888a67ca7608722dd62fb
  Author: Pauli <pauli at openssl.org>
  Date:   2023-02-22 (Wed, 22 Feb 2023)

  Changed paths:
    M providers/fips/fipsprov.c

  Log Message:
  -----------
  Revert "Put EdDSA back as approved algorithms."

This reverts commit 09627a8ceb69e19d2855b36228f44a3660af177a.

NIST isn't allowing EdDSA at this stage after all, so flag it as not
FIPS approved in the FIPS provider.  Guidance for FIPS 140-3 is expected
later this month:

    The use of EdDSA still remains non-approved.

    Before the FIPS 186-5 and SP 800-186 algorithms / curves can be
    used in the approved mode, the CMVP will need to do (at least)
    the following:

    * Incorporate FIPS 186-5 and SP 800-186 into SP 800-140C/D;

    * Update IG 10.3.A to incorporate self-test requirements for the
      new algorithms/curves.

    * Write a new IG on this transition to clarify the issues raised in
      this thread and elsewhere and provide a clear transition schedule.

    The CMVP is working on all three of these items and hope to have
    drafts public by the end of March.

    Since security relevant changes are not permitted for new 140-2
    submissions, and under the assumption that this transition away
    from FIPS 186-4 algorithms will be 'soft' and not move modules to
    the historical list, we do not plan on writing 140-2 guidance for
    this transition.

It seems unlikely that all of these requirements will be completed before
we submit.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20343)

(cherry picked from commit 759ab5984eb981f2dd165979a7abb950ddad81ae)

  Commit: 098e655e2128b47c6408bd3afa33490d2ec571a0
      https://github.com/openssl/openssl/commit/098e655e2128b47c6408bd3afa33490d2ec571a0
  Author: Pauli <pauli at openssl.org>
  Date:   2023-02-22 (Wed, 22 Feb 2023)

  Changed paths:
    M CHANGES.md

  Log Message:
  -----------
  update changes entry to note EdDSA is not FIPS approved

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20343)

(cherry picked from commit 8c02b98fab688b0ccacbb2de5816a5d5fc7fb23b)

  Commit: 73b0126150b298f4c9cdccd1baac154c49cbaf46
      https://github.com/openssl/openssl/commit/73b0126150b298f4c9cdccd1baac154c49cbaf46
  Author: Pauli <pauli at openssl.org>
  Date:   2023-02-22 (Wed, 22 Feb 2023)

  Changed paths:
    M doc/man7/OSSL_PROVIDER-FIPS.pod
    M doc/man7/fips_module.pod

  Log Message:
  -----------
  update documentation to note that EdDSA is not FIPS approved

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20343)

(cherry picked from commit fdd4716dd61e3e8fce77c04987e9dc5df7be7d9d)

Compare: https://github.com/openssl/openssl/compare/ed8d2c9948f2...73b0126150b2