Diffusion libgcrypt 53c97483b17f

fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS mode.
53c97483b17f
Actions

Tags

None

Subscribers

None

Description

fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS mode.

* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_PK_MD): New.
(GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2): New.
* cipher/ecc.c (ecc_sign): Check if GOST or SM2.  Check if hash is
compliant.
(ecc_verify): Likewise.
* tests/t-fips-service-ind.c (check_pk_s_v): Modify tests including
hash compliance.

GnuPG-bug-id: T7338
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance

Authored on Thu, Dec 26, 3:12 AM

Parents

rCd71c88f78a4f: tests: Add more tests to tests/t-fips-service-ind.

Branches

Unknown

Tags

Unknown

References

Tasks

T7338: Revamp the FIPS service indicator

Event Timeline

• gniibe committed rC53c97483b17f: fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS mode. (authored by • gniibe).Thu, Dec 26, 6:21 AM

• gniibe added a task: T7338: Revamp the FIPS service indicator.Fri, Dec 27, 1:27 AM

Changes (3)

Path

Size

cipher/

src/

tests/

t-fips-service-ind.c

rC53c97483b17f

cipher/ecc.c

Loading...

src/gcrypt.h.in

Loading...

tests/t-fips-service-ind.c

Loading...