Page MenuHome GnuPG
Create Task
Maniphest T6397

PCT failures inconsistency in regards to the FIPS error state
Closed, ResolvedPublic
Actions

Description

After keys are generated, the PCT are run, verifying the keys behave as expected and are usable. If they fail, the RSA calls fips_signal_error(), which moves the FIPS module to STATE_ERROR (recoverable), while for ECDSA keys, the log_fatal() is executed, which moves the FIPS module state to STATE_FATALERROR (non-recoverable).

This is not a big deal in regards to the FIPS according to the lab, but it would be great to sync on one behavior. Using the RSA approach sounds cleaner so this is my proposal

libgcrypt-ecc-pct.patch3 KBDownload

Details

Version
master, 1.10.x

Revisions and Commits

rC libgcrypt
rC23a2d1285e35 ecc: Make the PCT recoverable in FIPS mode and consistent with RSA.

Related Objects

Event Timeline

Jakuje created this task.Mar 2 2023, 9:46 AM
werner added a subscriber: werner.Mar 2 2023, 11:41 AM

I think the patch is okay.

We have not done this in ECC because,iirc, the ECC support is newer than our old FIPS certification and at that time we did not care much about this.

gniibe added a commit: rC23a2d1285e35: ecc: Make the PCT recoverable in FIPS mode and consistent with RSA..Mar 7 2023, 3:42 AM
gniibe claimed this task.Mar 7 2023, 3:42 AM
gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

Applied to both (1.10 and master).

gniibe moved this task from Backlog to Next on the FIPS board.Mar 7 2023, 3:43 AM
gniibe changed the task status from Open to Testing.Mar 8 2023, 1:47 AM
gniibe moved this task from Next to Ready for release on the FIPS board.
gniibe closed this task as Resolved.Apr 13 2023, 3:15 AM

Fixed in 1.10.2.

werner mentioned this in T5905: Release Libgcrypt 1.10.2.Nov 14 2023, 12:55 PM
werner mentioned this in T7165: Release Libgcrypt 1.11.0.Jun 19 2024, 11:37 AM