PCT failures inconsistency in regards to the FIPS error state
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Jakuje
	Mar 2 2023, 9:46 AM

Description

After keys are generated, the PCT are run, verifying the keys behave as expected and are usable. If they fail, the RSA calls fips_signal_error(), which moves the FIPS module to STATE_ERROR (recoverable), while for ECDSA keys, the log_fatal() is executed, which moves the FIPS module state to STATE_FATALERROR (non-recoverable).

This is not a big deal in regards to the FIPS according to the lab, but it would be great to sync on one behavior. Using the RSA approach sounds cleaner so this is my proposal

libgcrypt-ecc-pct.patch3 KBDownload

Details

Version: master, 1.10.x

Revisions and Commits

rC libgcrypt
	rC23a2d1285e35 ecc: Make the PCT recoverable in FIPS mode and consistent with RSA.

Related Objects

Mentioned In: T5905: Release Libgcrypt 1.10.2

Event Timeline

Jakuje created this task.Mar 2 2023, 9:46 AM

I think the patch is okay.

We have not done this in ECC because,iirc, the ECC support is newer than our old FIPS certification and at that time we did not care much about this.

• gniibe added a commit: rC23a2d1285e35: ecc: Make the PCT recoverable in FIPS mode and consistent with RSA..Mar 7 2023, 3:42 AM

Applied to both (1.10 and master).

• gniibe moved this task from Backlog to Next on the FIPS board.Mar 7 2023, 3:43 AM

• gniibe changed the task status from Open to Testing.Mar 8 2023, 1:47 AM

• gniibe moved this task from Next to Ready for release on the FIPS board.

Fixed in 1.10.2.

• werner mentioned this in T5905: Release Libgcrypt 1.10.2.Nov 14 2023, 12:55 PM