diff options
| author | Pauli <pauli@openssl.org> | 2023-02-21 09:11:44 +1100 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2023-02-22 11:29:02 +1100 |
| commit | 759ab5984eb981f2dd165979a7abb950ddad81ae (patch) | |
| tree | bb5d546a238e7fa7331e3ab8533f30a66f849902 /providers | |
| parent | 0aa7d7f42bc757a0993739b6cfdc8819a70d22ef (diff) | |
| download | openssl-new-759ab5984eb981f2dd165979a7abb950ddad81ae.tar.gz | |
Revert "Put EdDSA back as approved algorithms."
This reverts commit 09627a8ceb69e19d2855b36228f44a3660af177a.
NIST isn't allowing EdDSA at this stage after all, so flag it as not
FIPS approved in the FIPS provider. Guidance for FIPS 140-3 is expected
later this month:
The use of EdDSA still remains non-approved.
Before the FIPS 186-5 and SP 800-186 algorithms / curves can be
used in the approved mode, the CMVP will need to do (at least)
the following:
* Incorporate FIPS 186-5 and SP 800-186 into SP 800-140C/D;
* Update IG 10.3.A to incorporate self-test requirements for the
new algorithms/curves.
* Write a new IG on this transition to clarify the issues raised in
this thread and elsewhere and provide a clear transition schedule.
The CMVP is working on all three of these items and hope to have
drafts public by the end of March.
Since security relevant changes are not permitted for new 140-2
submissions, and under the assumption that this transition away
from FIPS 186-4 algorithms will be 'soft' and not move modules to
the historical list, we do not plan on writing 140-2 guidance for
this transition.
It seems unlikely that all of these requirements will be completed before
we submit.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20343)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/fips/fipsprov.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 8b9afb8f33..b86b27d236 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -393,9 +393,9 @@ static const OSSL_ALGORITHM fips_signature[] = { #endif { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_signature_functions }, #ifndef OPENSSL_NO_EC - { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, + { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, ossl_ed25519_signature_functions }, - { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions }, + { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_signature_functions }, { PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions }, #endif { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, @@ -439,9 +439,9 @@ static const OSSL_ALGORITHM fips_keymgmt[] = { PROV_DESCS_X25519 }, { PROV_NAMES_X448, FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions, PROV_DESCS_X448 }, - { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions, + { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, ossl_ed25519_keymgmt_functions, PROV_DESCS_ED25519 }, - { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions, + { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_keymgmt_functions, PROV_DESCS_ED448 }, #endif { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions, |