From 09627a8ceb69e19d2855b36228f44a3660af177a Mon Sep 17 00:00:00 2001 From: Pauli Date: Mon, 6 Feb 2023 07:39:49 +1100 Subject: [PATCH] Put EdDSA back as approved algorithms. With FIPS 186-5 being published, these can again be validated. https://csrc.nist.gov/publications/detail/fips/186/5/final Reviewed-by: Shane Lontis Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/20219) --- providers/fips/fipsprov.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index b86b27d236..8b9afb8f33 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -393,9 +393,9 @@ static const OSSL_ALGORITHM fips_signature[] = { #endif { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_signature_functions }, #ifndef OPENSSL_NO_EC - { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, + { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_signature_functions }, - { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_signature_functions }, + { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_signature_functions }, { PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions }, #endif { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, @@ -439,9 +439,9 @@ static const OSSL_ALGORITHM fips_keymgmt[] = { PROV_DESCS_X25519 }, { PROV_NAMES_X448, FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions, PROV_DESCS_X448 }, - { PROV_NAMES_ED25519, FIPS_UNAPPROVED_PROPERTIES, ossl_ed25519_keymgmt_functions, + { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions, PROV_DESCS_ED25519 }, - { PROV_NAMES_ED448, FIPS_UNAPPROVED_PROPERTIES, ossl_ed448_keymgmt_functions, + { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions, PROV_DESCS_ED448 }, #endif { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,