[gnutls-devel] GnuTLS | Mark HKDF and AES-GCM as approved when used in TLS (!1568)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Apr 5 11:32:42 CEST 2022
Daiki Ueno started a new discussion on lib/constate.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1568#note_900803317
> key.data = state->key;
> key.size = state->key_size;
>
> - ret = _gnutls_aead_cipher_init(&state->ctx.aead,
> - algo, &key);
> - if (ret < 0)
> + ret = _gnutls_aead_cipher_init(&state->ctx.aead, algo, &key);
> + if (ret < 0) {
> + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
> return gnutls_assert_val(ret);
> + } else {
> + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
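Review bot: the `_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED)` in the `else` branch runs for every `algo` that `_gnutls_aead_cipher_init` accepts, so any AEAD the backend supports is reported as approved rather than only the AES-GCM this MR covers; gate it on the algorithm the same way `gnutls_cipher_init` does, switching to `GNUTLS_FIPS140_OP_NOT_APPROVED` for anything outside that set before falling through to the approved case. Minor: because the error branch already returns, the `else` is redundant and the approved-state switch can follow the `if` block directly.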
I think we need a check on `algo` (as in `gnutls_cipher_init`); otherwise non-approved algorithms (such as `CAMELLIA-128-GCM`) could be marked as approved.
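The gap raised above, as an added example that is not GnuTLS code: a self-contained model of a per-operation FIPS service indicator around AEAD cipher initialisation. The unchecked form mirrors the hunk (every successful init is marked approved); the checked form decides approval from the algorithm first, so a backend-supported but non-approved cipher such as CAMELLIA-128-GCM ends in the not-approved state while a backend failure still ends in the error state. The enum names, the allow-list, `backend_aead_init()` and both `aead_init_*` functions are assumptions of this example and do not reproduce GnuTLS internals.

```c
/* Added example, not GnuTLS code: a minimal model of a FIPS service
 * indicator for AEAD cipher initialisation.  All names below are
 * assumptions of this example; they model, but are not, the GnuTLS
 * internals discussed in the thread. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

typedef enum {
    OP_INITIAL,
    OP_APPROVED,
    OP_NOT_APPROVED,
    OP_ERROR
} fips_state_t;

typedef enum {
    CIPHER_UNKNOWN = 0,
    CIPHER_AES_128_GCM,
    CIPHER_AES_256_GCM,
    CIPHER_CHACHA20_POLY1305,
    CIPHER_CAMELLIA_128_GCM
} cipher_algo_t;

/* Thread-local in a real library; a plain global is enough for the model. */
static fips_state_t fips_state = OP_INITIAL;

static void switch_fips_state(fips_state_t s) { fips_state = s; }
fips_state_t get_fips_state(void) { return fips_state; }

/* Allow-list of AEAD ciphers an approved TLS record layer may use.
 * Assumption of this example: only the AES-GCM variants are approved. */
static bool is_cipher_algo_approved(cipher_algo_t algo)
{
    switch (algo) {
    case CIPHER_AES_128_GCM:
    case CIPHER_AES_256_GCM:
        return true;
    default:
        return false;
    }
}

/* Stand-in for the low-level backend init: succeeds for every algorithm
 * it knows (approved or not) when the key size matches, fails otherwise. */
static int backend_aead_init(cipher_algo_t algo, size_t key_size)
{
    switch (algo) {
    case CIPHER_AES_128_GCM:       return key_size == 16 ? 0 : -1;
    case CIPHER_AES_256_GCM:       return key_size == 32 ? 0 : -1;
    case CIPHER_CHACHA20_POLY1305: return key_size == 32 ? 0 : -1;
    case CIPHER_CAMELLIA_128_GCM:  return key_size == 16 ? 0 : -1;
    default:                       return -1;
    }
}

/* The pattern in the hunk: every successful init is marked approved,
 * regardless of which algorithm was initialised. */
int aead_init_unchecked(cipher_algo_t algo, size_t key_size)
{
    int ret = backend_aead_init(algo, key_size);
    if (ret < 0) {
        switch_fips_state(OP_ERROR);
        return ret;
    }
    switch_fips_state(OP_APPROVED);
    return 0;
}

/* The pattern the review asks for: approval is decided from the algorithm
 * before the backend runs; a backend failure still overrides with ERROR. */
int aead_init_checked(cipher_algo_t algo, size_t key_size)
{
    fips_state_t on_success =
        is_cipher_algo_approved(algo) ? OP_APPROVED : OP_NOT_APPROVED;
    int ret = backend_aead_init(algo, key_size);
    if (ret < 0) {
        switch_fips_state(OP_ERROR);
        return ret;
    }
    switch_fips_state(on_success);
    return 0;
}

static const char *state_name(fips_state_t s)
{
    static const char *names[] = { "INITIAL", "APPROVED", "NOT_APPROVED", "ERROR" };
    return names[s];
}

int main(void)
{
    /* Constructed inputs: the same non-approved cipher through both paths. */
    aead_init_unchecked(CIPHER_CAMELLIA_128_GCM, 16);
    printf("unchecked CAMELLIA-128-GCM -> %s\n", state_name(get_fips_state()));
    aead_init_checked(CIPHER_CAMELLIA_128_GCM, 16);
    printf("checked   CAMELLIA-128-GCM -> %s\n", state_name(get_fips_state()));
    aead_init_checked(CIPHER_AES_256_GCM, 16); /* wrong key size: backend error */
    printf("checked   AES-256-GCM/16B  -> %s\n", state_name(get_fips_state()));
    return 0;
}
```

Deciding the indicator value from the algorithm before calling the backend, rather than after, keeps the approved state from ever being reachable through a code path the allow-list did not consider, which is the property the review comment is asking for.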