[openssl/openssl] fbce6e: Implement PCT for EDDSA
Po-Hsing Wu
noreply at github.com
Fri Mar 1 10:10:06 UTC 2024
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: fbce6ebf706cdd273f2569edfea7ade106426e0b
https://github.com/openssl/openssl/commit/fbce6ebf706cdd273f2569edfea7ade106426e0b
Author: pohsingwu <pohsingwu at synology.com>
Date: 2024-03-01 (Fri, 01 Mar 2024)
Changed paths:
M doc/man7/OSSL_PROVIDER-FIPS.pod
M include/openssl/self_test.h
M providers/implementations/keymgmt/ecx_kmgmt.c
M test/pairwise_fail_test.c
M test/recipes/30-test_pairwise_fail.t
Log Message:
-----------
Implement PCT for EDDSA
According to FIPS 140-3 IG 10.3.A Additonal Comment 1, a PCT shall be
performed consistent with the intended use of the keys.
This commit implements PCT for EDDSA via performing sign and verify
operations after key generated.
Also use the same pairwise test logic in EVP_PKEY_keygen and
EVP_PKEY_pairwise_check for EDDSA in FIPS_MODULE.
Add OSSL_SELF_TEST_DESC_PCT_EDDSA to OSSL_PROVIDER-FIPS page.
Reviewed-by: Paul Dale <ppzgs1 at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23408)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list