[gnutls-devel] GnuTLS | fips: make FIPS140-2 mode enablement logic simpler (!1253)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon May 18 15:59:07 CEST 2020



Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1253 was reviewed by Alexander Sosedkin

--
  
Alexander Sosedkin started a new discussion on doc/cha-internals.texi: https://gitlab.com/gnutls/gnutls/-/merge_requests/1253#note_344496724

> - at item Only approved by FIPS140-2 algorithms are enabled
> - at item Only approved by FIPS140-2 key lengths are allowed for key generation
>  @item The random generator used switches to DRBG-AES
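Review bot: the removed line "Only approved by FIPS140-2 key lengths are allowed for key generation" has no visible replacement in this hunk, while the RNG item is kept; if key-length enforcement for key generation is unchanged by this MR, the list should keep an item for it (reworded, e.g. "Only FIPS140-2-approved key lengths are allowed for key generation"), and if the restriction is intentionally no longer documented, the MR description should say why.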

I don't think it's true, based on https://gitlab.com/gnutls/gnutls/-/blob/a9f907be146be0df2cc756c19543ec1d10ccdef9/lib/random.c#L110.

I'm not against switching to FIPS RNG on FIPS-enabled, but then I consider this MR to be dependent on actually ensuring that FIPS RNG is both enabled and self-tested in FIPS-installed-and-not-enabled scenario.

On the subject of non-zero comparisons, https://gitlab.com/gnutls/gnutls/-/blob/a9f907be146be0df2cc756c19543ec1d10ccdef9/lib/crypto-selftests.c#L1943 also seems strange to me; whatever it is, I can't really rationalize it.

--
  
Alexander Sosedkin started a new discussion on doc/cha-internals.texi: https://gitlab.com/gnutls/gnutls/-/merge_requests/1253#note_344496730

> +
> + at itemize
> + at item Only approved by FIPS140-2 algorithms are enabled
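Review bot: the wording "Only approved by FIPS140-2 algorithms are enabled" is ungrammatical and reads as "approved by algorithms"; suggest "Only FIPS140-2-approved algorithms are enabled". The itemize opened here has its closing directive outside the visible context, so it is worth confirming the full diff closes it.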

I think it'd be nice to elaborate which classes of algorithms have the restriction enforced and which are not. AFAIK, ciphers and macs are limited, when, e.g., curve selection is not restricted.


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1253
You're receiving this email because of your account on gitlab.com.



