Maniphest T5918

Disable RSA PKCS #1.5 encryption in FIPS mode
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Jakuje
	Apr 5 2022, 10:31 AM

Tags

Subscribers

Description

Our reading of NIST.SP.800-131Ar2 is that the "PKCS1-v1_5 padding" is deprecated and will be disallowed after 2023 for RSA encryption. It should be still possible to use it in the signature schemes as long as the key size is at least 2k (we have already covered this requirement). See the page 15 of the following document:

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf

The proposed change should be pretty specific. I included also test cases adjustments to verify the encryption with pkcs1 flags do not work when we are in FIPS mode.

rsa-pkcs15.patch6 KBDownload

See external link for the patch in gitlab with tests run results.

Details

External Link: https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/1
Version: master

Revisions and Commits

rC libgcrypt
	rCf736f3c70182 tests: Expect the RSA PKCS #1.5 encryption to fail in FIPS mode
	rC299e2f934159 tests: Replace custom bit with more generic flags
	rCc7709f7b2384 Do not allow PKCS #1.5 padding for encryption in FIPS

Related Objects

Mentioned In: T7165: Release Libgcrypt 1.11.0
T5905: Release Libgcrypt 1.10.2

Event Timeline

Jakuje created this task.Apr 5 2022, 10:31 AM

• gniibe claimed this task.Apr 19 2022, 11:27 AM

• gniibe moved this task from Backlog to Next on the FIPS board.

• werner triaged this task as High priority.Apr 20 2022, 8:45 AM

• gniibe added a commit: rCc7709f7b2384: Do not allow PKCS #1.5 padding for encryption in FIPS.Apr 21 2022, 3:25 AM

• gniibe added a commit: rC299e2f934159: tests: Replace custom bit with more generic flags.

• gniibe added a commit: rCf736f3c70182: tests: Expect the RSA PKCS #1.5 encryption to fail in FIPS mode.

• gniibe added a project: Restricted Project.May 3 2022, 10:49 AM

• werner added a project: backport.May 3 2022, 11:17 AM

• gniibe moved this task from Next to Ready for release on the FIPS board.May 6 2022, 2:31 AM

It will be in 1.10.2.

• werner changed the task status from Open to Testing.Sep 22 2022, 11:01 AM

• werner removed a project: Restricted Project.

• gniibe closed this task as Resolved.Apr 13 2023, 3:12 AM

• werner mentioned this in T5905: Release Libgcrypt 1.10.2.Nov 14 2023, 12:55 PM

• werner mentioned this in T7165: Release Libgcrypt 1.11.0.Jun 19 2024, 11:37 AM