
DRBG with SHA384 is no longer allowed in FIPS mode (and it looks impossible to enable anyway)
Closed, Resolved, Public

Description

IG D.R says

"The new validations, or any revalidations that extend the module’s sunset date, submitted more than one year after the publication date of this IG (i.e., May 16, 2023) shall only use SHA-1, SHA-256 or SHA-512 in Hash_DRBG and HMAC_DRBG."

The current implementation in libgcrypt has SHA384 defines, but does not have them in the parse_flag_string() function, so my thought is that these cannot be enabled (unless somebody would instantiate the DRBG with flags created outside of the module, which I believe is not possible). Can you confirm this is the case?

For clarity, it would be good to remove the SHA384 flags altogether in the long term.
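As an added illustration of the mechanism the report describes (not libgcrypt's own code): a toy flag-string parser whose lookup table simply has no SHA-384 entry, so a SHA-384 DRBG cannot be selected by string, plus a separate allowlist check that encodes the IG D.R rule for FIPS mode. The string format, the flag bit values and the function names are assumptions modelled on the report, not libgcrypt's actual parse_flag_string() or flag constants.

```c
/* Added example, not libgcrypt code. The "drbg_<pr|nopr>_<hash|hmac>_<algo>"
 * string format and the flag bits are assumptions for this illustration. */
#include <stdio.h>
#include <string.h>

#define DRBG_PREDICTION_RESISTANCE 0x001
#define DRBG_HASH                  0x010
#define DRBG_HMAC                  0x020
#define DRBG_SHA1                  0x100
#define DRBG_SHA256                0x200
#define DRBG_SHA384                0x400  /* defined, but not reachable below */
#define DRBG_SHA512                0x800

struct flag_entry {
  const char *name;
  unsigned int flags;
};

/* The only strings a caller can use. SHA-384 is deliberately absent,
 * which is the situation the report observes in parse_flag_string(). */
static const struct flag_entry flag_table[] = {
  { "drbg_nopr_hash_sha1",   DRBG_HASH | DRBG_SHA1 },
  { "drbg_nopr_hash_sha256", DRBG_HASH | DRBG_SHA256 },
  { "drbg_nopr_hash_sha512", DRBG_HASH | DRBG_SHA512 },
  { "drbg_nopr_hmac_sha1",   DRBG_HMAC | DRBG_SHA1 },
  { "drbg_nopr_hmac_sha256", DRBG_HMAC | DRBG_SHA256 },
  { "drbg_nopr_hmac_sha512", DRBG_HMAC | DRBG_SHA512 },
  { "drbg_pr_hash_sha256",   DRBG_PREDICTION_RESISTANCE | DRBG_HASH | DRBG_SHA256 },
  { "drbg_pr_hmac_sha256",   DRBG_PREDICTION_RESISTANCE | DRBG_HMAC | DRBG_SHA256 },
  { "drbg_pr_hmac_sha512",   DRBG_PREDICTION_RESISTANCE | DRBG_HMAC | DRBG_SHA512 },
};

/* Map a flag string to flag bits; 0 means "unknown string". */
unsigned int parse_flags(const char *s)
{
  size_t i;
  for (i = 0; i < sizeof flag_table / sizeof flag_table[0]; i++)
    if (strcmp(flag_table[i].name, s) == 0)
      return flag_table[i].flags;
  return 0;
}

/* IG D.R allowlist: only SHA-1, SHA-256 or SHA-512 may be used in
 * Hash_DRBG and HMAC_DRBG. Returns 1 if the flags are acceptable in
 * FIPS mode, 0 otherwise. Flags that select no hash-based DRBG have
 * nothing to check here and are accepted. */
int fips_drbg_hash_allowed(unsigned int flags)
{
  unsigned int hash = flags & (DRBG_SHA1 | DRBG_SHA256 | DRBG_SHA384 | DRBG_SHA512);
  if (!(flags & (DRBG_HASH | DRBG_HMAC)))
    return 1;
  return hash == DRBG_SHA1 || hash == DRBG_SHA256 || hash == DRBG_SHA512;
}

int main(void)
{
  const char *requests[] = { "drbg_pr_hmac_sha256", "drbg_nopr_hmac_sha384" };
  size_t i;
  for (i = 0; i < 2; i++) {
    unsigned int f = parse_flags(requests[i]);
    printf("%-24s -> flags 0x%03x, fips %s\n", requests[i], f,
           f == 0 ? "n/a (unknown string)"
                  : (fips_drbg_hash_allowed(f) ? "allowed" : "rejected"));
  }
  return 0;
}
```

The two checks are kept separate on purpose: the table decides what is reachable through the string interface, while the allowlist is what would catch a SHA-384 instance constructed some other way, which is why removing the SHA384 defines altogether is the cleaner long-term fix.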

Details

Version
master, 1.10.x

Revisions and Commits