[openssl/openssl] 8353b2: fips: document that the EdDSA algorithms are not-v...

Pauli noreply at github.com
Tue Jan 24 12:38:25 UTC 2023


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 8353b2dfacd723db5ba8b833b95e68e9600d1cf5
      https://github.com/openssl/openssl/commit/8353b2dfacd723db5ba8b833b95e68e9600d1cf5
  Author: Pauli <pauli at openssl.org>
  Date:   2023-01-24 (Tue, 24 Jan 2023)

  Changed paths:
    M doc/man7/OSSL_PROVIDER-FIPS.pod
    M doc/man7/fips_module.pod
    M doc/man7/migration_guide.pod

  Log Message:
  -----------
  fips: document that the EdDSA algorithms are not-validated

Ed25519 and Ed448 are included in the FIPS 140-3 provider for
compatibility purposes but are flagged as "fips=no" to prevent their accidental
use.  This therefore requires that applications always specify the "fips=yes"
property query to enforce FIPS correctness.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)


  Commit: 8948b5749410084ed1dfabf17a90df65efcf0f82
      https://github.com/openssl/openssl/commit/8948b5749410084ed1dfabf17a90df65efcf0f82
  Author: Pauli <pauli at openssl.org>
  Date:   2023-01-24 (Tue, 24 Jan 2023)

  Changed paths:
    M providers/fips/fipsprov.c

  Log Message:
  -----------
  Put X25519 and X448 back as approved algorithms

CMVP's answer when questioned about this being:

    X448 and X25519 uses Curve448 and Curve25519, respectfully, within an
    ECDH scheme.  Therefore, it is possible for a key agreement scheme
    that uses Curve448 and Curve25519 to be used in the approved mode
    and be viewed as an allowed algorithm if requirements of Scenario
    X2 of IG D.8 and IG A.2 are met (or Scenario 3 of D.F and IG C.A for
    FIPS 140-3).  The use of EdDSA in the approved mode is not permitted
    until FIPS 186-5 is published and part of CMVP guidance.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)


  Commit: d4e105f6d53002ebaac2caf0c723bbf734f4a21a
      https://github.com/openssl/openssl/commit/d4e105f6d53002ebaac2caf0c723bbf734f4a21a
  Author: Pauli <pauli at openssl.org>
  Date:   2023-01-24 (Tue, 24 Jan 2023)

  Changed paths:
    M CHANGES.md

  Log Message:
  -----------
  changes entry about non-approved FIPS algorithms

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)


  Commit: d8523bf16205399363604c8fc90256791ad8c019
      https://github.com/openssl/openssl/commit/d8523bf16205399363604c8fc90256791ad8c019
  Author: Pauli <pauli at openssl.org>
  Date:   2023-01-24 (Tue, 24 Jan 2023)

  Changed paths:
    M test/fips-and-base.cnf

  Log Message:
  -----------
  test: note that a default property query must be included for FIPS validity

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)


Compare: https://github.com/openssl/openssl/compare/bfd5680e6be7...d8523bf16205
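
An added example (not part of these commits, nor OpenSSL's own test configuration) of an application `openssl.cnf` that sets the default property query the first log message calls for. The include path and the section names are assumptions; `alg_section`, `default_properties` and `activate` are standard OpenSSL 3 configuration keys.

```ini
# Constructed example configuration, not taken from the commits above.
openssl_conf = openssl_init

# Placeholder path: point this at the fipsmodule.cnf written by
# "openssl fipsinstall" on the target system.
.include /path/to/fipsmodule.cnf

[openssl_init]
providers   = provider_sect
alg_section = algorithm_sect

[provider_sect]
# fips_sect is the section name defined inside the included fipsmodule.cnf.
fips = fips_sect
# The base provider supplies encoders/decoders only, no cryptography.
base = base_sect

[base_sect]
activate = 1

[algorithm_sect]
# Weak variant: leaving this section out (or empty) means fetches carry no
# property query, so Ed25519 and Ed448 can still be resolved from the FIPS
# provider even though they are flagged "fips=no" there.
#
# Corrected variant: every implicit fetch now requires "fips=yes", which
# excludes the EdDSA entries that are flagged as not validated.
default_properties = fips=yes
```

An application that passes its own property string to an explicit fetch call overrides parts of this default, so such strings need to include `fips=yes` as well.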

