- User Since: Sep 26 2022, 4:59 PM (62 w, 1 d)
Mar 6 2023
Right, thanks for the review! Updated patches below.
Mar 1 2023
After consulting with our certs lab and studying the code, I think SHAKE should not be a problem for now. All of the _gcry_digest_spec_shakeXXX seem to have neither an mdlen nor a read() function. pk_sign and pk_verify seem to both call md_read(), which should fail because of the missing read function; kdf checks _gcry_md_get_algo_dlen(), which should also disallow SHAKE.
Feb 27 2023
Good catch. A similar problem might arise with SHA384 according to section D.R which states
Right, we have received the same feedback from our cert lab but I haven't found time to update the bug yet. Here are the updated patches: