I sent a copy to firstname.lastname@example.org. Hope this is the right process. Thanks.
Please read doc/HACKING carefully on the process of sending DCO the right way.
Let me get back to this once more as one of the parts for RSA was initially missed:
diff -up libgcrypt-1.8.4/cipher/rsa.c.fips-keygen libgcrypt-1.8.4/cipher/rsa.c --- libgcrypt-1.8.4/cipher/rsa.c.fips-keygen 2017-11-23 19:16:58.000000000 +0100 +++ libgcrypt-1.8.4/cipher/rsa.c 2019-02-12 14:29:25.630513971 +0100 @@ -696,7 +696,7 @@ generate_x931 (RSA_secret_key *sk, unsig
Ui, Kudos to you for seeing that possibility in Boost Graph and applying that. *Thumbs up*
I went through some more testing and noticed one missing file in the release tarball, that prevents building libgcrypt now. Should be fixed with the attached patch.
I did go through a bit more testing too and the selftests still initialize and use the secure memory (and the t-secmem fails in FIPS mode if we invoke selftests from constructor). Now from run_random_selftests() -> _gcry_random_selftest() -> drbg_healthcheck() -> _gcry_rngdrbg_healthcheck_one(). So this means that we either need to de-initialize secure memory after the constructor selftests or prevent its initialization as I suggested in some of the previous comments.
Panel Used By