T7338: Make SHA1 non-FIPS and differentiate in the SLI

Lucas Mulling lucas.mulling at suse.com
Wed Feb 12 19:08:53 CET 2025


On Wed Feb 12, 2025 at 9:50 AM -03, Clemens Lang wrote:
> Hi Werner,
>
>> On 12. Feb 2025, at 09:25, Werner Koch via Gcrypt-devel <gcrypt-devel at gnupg.org> wrote:
>> 
>> On Mon,  3 Feb 2025 15:56, Lucas Mulling said:
>> 
>>> Consider: NIST's deprecation of SHA1, effective 2030-12-31.
>> 
>> That is 5.5 years in the future.  Not a good idea to do it now.
>
> This matters because FIPS validations are valid for five years, but will have their lifetime limited to NIST’s SHA1 sunset date if they allow SHA1.
>
> If you do a FIPS validation now, you’ll likely get a certificate in ~2 years, which then won’t be valid for 5, but only 3, because the build included support for SHA1.

Yes, also note that operations with SHA1 are not blocked by default, and
should work normally unless GCRY_FIPS_FLAG_REJECT_MD_SHA1 is explicitly set.


