mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
46f55238d2
openssl/crypto/rsa
History
Dimitri John Ledkov 1bfc8d17f3 rsa-oaep: block SHAKE usage in FIPS mode 
NIST SP 800-56 rev2 only allows using approved hash algorithms in
OAEP. Unlike FIPS 186-5 it doesn't have text allowing to use XOF SHAKE
functions. Maybe future revisions of SP 800-56 will adopt similar text
to FIPS 186-5 and allow XOF as MD and MGF (not MGF1).

RFC documents do not specify if SHAKE is allowed or blocked for usage
(i.e. there is no equivalent of RFC 8692 or RFC 8702 for OAEP). Status
quo allows their usage.

Add test cases for SHAKE in RSA-OAEP as allowed in default provider,
and blocked in fips.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24387)
2024-05-22 15:31:00 +02:00
..
build.info
rsa_acvp_test_params.c
rsa_ameth.c
rsa_asn1.c
rsa_backend.c Copyright year updates 2024-04-09 13:43:26 +02:00
rsa_chk.c
rsa_crpt.c
rsa_depr.c
rsa_err.c
rsa_gen.c Copyright year updates 2024-04-09 13:43:26 +02:00
rsa_lib.c fips: zeroization of public security parameters (PSPs) 2024-05-13 11:14:11 +02:00
rsa_local.h Copyright year updates 2024-04-09 13:43:26 +02:00
rsa_meth.c
rsa_mp_names.c
rsa_mp.c
rsa_none.c
rsa_oaep.c rsa-oaep: block SHAKE usage in FIPS mode 2024-05-22 15:31:00 +02:00
rsa_ossl.c Check range of RSA plaintext and ciphertext when using no padding. 2024-04-09 14:30:43 +02:00
rsa_pk1.c
rsa_pmeth.c
rsa_prn.c
rsa_pss.c
rsa_saos.c
rsa_schemes.c
rsa_sign.c
rsa_sp800_56b_check.c Copyright year updates 2024-04-09 13:43:26 +02:00
rsa_sp800_56b_gen.c zeroize rsa->p,rsa->q on error 2024-05-14 15:55:41 +02:00
rsa_x931.c
rsa_x931g.c